IIS & Enfold Proxy
This page mainly applies when you are running Enfold Proxy (EP) with Plone and using Active Directory authentication.
Here is a diagram that shows how Internet Information Services (IIS) interacts with Enfold Proxy (EP), Plone and Active Directory (AD) when you are using NTLM Authentication.
Enfold Proxy is not actually involved with providing authentication; EP's main job is to translate URLs from Plone and to arrange for cached copies of web resources to be available so IIS doesn't have to keep requesting them from Plone.
Several things are worth pointing out about this diagram.
In two cases (2b and 4b), Enfold Proxy is returning cached content.
If you are using Plone for authentication (and not Active Directory), you would be using cookie-based authentication (which takes place mainly in Plone). Therefore, separate requests would have to go to Plone (specifically for cookies-based login). These arrows are not shown here.
The main goal of Enfold Proxy is to reduce the number of 4A,5 and 6 requests and instead to use as many 2b and 4b requests as possible.