I have an ASP.NET application that receives requests from a client software and the request headers contain a "request 100-continue".
I want to override IIS auto-response to request-100 header so that I can use the other headers to authenticate the user (or not) and send a proper response depending on the state (100 continue for authenticated obviously) or a proper error message.
The way we have accomplished this type of thing, and I believe a common approach is to create an HTTP Module - Modules are called on every request that is made to your app as part of the request pipeline and has access to life-cycle events throughout the request. You can examine each requests and take action such as performing your authentication, and changing the headers based on the request. They also let you examine the outgoing response and modify it.
Notes From http://msdn.microsoft.com/en-us/library/bb398986.aspx a great resource if you are new to modules.
Hope this Helps!