I dont know if I get the question 100%, but will try to give it a try
Based on your rules, you are checking to see if the request is authenticated against MCP, if they are "Authentication.IsAuthenticated" will be set to true, and the subsequent rules will not fire.
If the request fails to authenticate against MCP settings, then the method list is cleared (at that point I think it would be empty because MCP shouldnt add anything to it). Next you hit the NTLM rule, MWG adds NTLM to the method list and continues on.
Then you hit the last rule and it fires because Authentication.IsAuthenticated equals false. Since there is an "Authenticate" action, the MWG will look at the items in the MethodList and return a response based on what is in the method list.
Does that help?
chanks for the reply, The rule works perfect. I got an info to build this. I´m just looking for the source, perhaps i got it from the community or support, i do not know. Just looking for the information source. :-)