Our company website will be undergoing a facelift, and the new site design is being done by a 3rd party with whom we’ll be integrating the site. The new developers are mainly .NET developers, so we’ll have to convert some of our front-end web servers to IIS. However, most of our existing back-end infrastructure is Java-based, which leads me to the topic of this post. This is mainly to document the steps that I took to get our pre-production IIS servers talking to our back-end app servers, which are running some Tomcat and JBoss instances to serve up the dynamic content of our site.
Setup:
- IIS 6.0 (Windows Server 2003)
- Java JRE 6 update 14
- Tomcat 6.0.18
- JK 1.2.28 Connector
Step 1 – Install Java
- Download here.
Step 2 – Configure $JAVA_HOME environment variable
- Right-click My Computer ->Properties ->Advanced ->Environment Variables
- New System Variable -> set JAVA_HOME to “C:\Program Files\Java\jre6” (or path to your java install)
Step 3 – Install Tomcat
- http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.18/bin/apache-tomcat-6.0.18.exe
- Change tomcat install directory to point to C:\tomcat
- Run tomcat on localhost (for test purposes only, unless you plan on running tomcat locally in production)
- Test tomcat installation by pointing your browser to http://localhost:8080
- Create the C:\tomcat\ISAPI directory
Step 4 – Set permissions on C:\tomcat directory
- Add the following users to the NTFS security tab for this directory and ensure permissions propagate down to child directories
- Network Service
- IIS_WPG
- Internet Guest Account (<machine_name>\IUSR_<machine_name>)
- Current admin user (if not already added)
- Give them all privileges
Step 5 – Download the Jk Connector (isapi_redirect.dll) plugin
- Download plugin here.
- Look for the file named “isapi_redirect-1.2.28.dll” and download it to C:\tomcat\ISAPI
- Rename “isapi_redirect-1.2.28.dll” to “isapi_redirect.dll”
Step 6 – Create the C:\tomcat\ISAPI\isapi_redirect.properties file
- Contents of this file should contain the following:
    # Configuration file for the Jakarta ISAPI Redirector
    #
    # The path to the ISAPI Redirector Extension, relative to the website
    # This must be in a virtual directory with execute privileges
    extension_uri=/jakarta/isapi_redirect.dll
    #
    # Full path to the log file for the ISAPI Redirector
    log_file=C:\tomcat\logs\isapi_redirect.log
    #
    # Log level (debug, info, warn, error or trace)
    log_level=info
    #
    # Full path to the workers.properties file
    worker_file=C:\tomcat\conf\workers.properties
    #
    # Full path to the uriworkermap.properties file
    worker_mount_file=C:\tomcat\conf\uriworkermap.properties
Step 7 – Create the C:\tomcat\conf\workers.properties file
- Contents of this file should contain the following (for now):
    # workers.properties.minimal -
    #
    # This file provides minimal jk configuration properties needed to
    # connect to Tomcat.
    #
    # The workers that jk should create and work with
    #
    #
    worker.list=wlb,jkstatus
    #
    #
    # Defining a worker named ajp13w and of type ajp13
    # Note that the name and the type do not have to match.
    #
    worker.ajp13w.type=ajp13
    worker.ajp13w.host=localhost
    worker.ajp13w.port=8009
    #
    #
    # Defining a load balancer
    #
    #
    worker.wlb.type=lb
    worker.wlb.balance_workers=ajp13w
    #
    #
    # Defining status worker
    #
    #
    worker.jkstatus.type=status
Step 8 – Create the C:\tomcat\conf\uriworkermap.properties file
- Contents of this file should contain the following (for now):
    # uriworkermap.properties - IIS
    #
    # This file provides sample mappings for example wlb
    # worker defined in workermap.properties.minimal
    # The general syntax for this file is:
    # [URL]=[worker name]
    #
    #/admin/*=wlb
    #/manager/*=wlb
    /examples/*=wlb
    #
    #/servlets-examples/*=wlb
    # Optionally filter out all .jpeg files inside that context
    # For no mapping the url has to start with (!)
    #
    #!/servlets-examples/*.jpeg=wlb
    #
    #
    # Mount jkstatus to /jkmanager
    # For production servers you will need to
    # secure the access to the /jkmanager url
    #
    /jkmanager=jkstatus
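The uriworkermap comment above says /jkmanager has to be secured on production servers. The following is an added example (not part of the original post) that reads the two files and reports every URI mounted on a status worker, plus any URI mapped to a worker missing from worker.list. The function names are hypothetical, the sample input is the Step 7 and Step 8 content trimmed to the lines the check reads, and `read_only` is the mod_jk status-worker attribute, matched here only against the literal value "true".

```python
# Constructed sample input: Step 7 and Step 8 files, trimmed to the lines used.
WORKERS = r"""
worker.list=wlb,jkstatus
worker.ajp13w.type=ajp13
worker.wlb.type=lb
worker.jkstatus.type=status
"""
URIMAP = r"""
#/manager/*=wlb
/examples/*=wlb
#!/servlets-examples/*.jpeg=wlb
/jkmanager=jkstatus
"""

def parse_props(text):
    """Return key -> value for every non-comment 'key=value' line."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def audit(workers_text, urimap_text):
    """Return a list of (severity, message) findings for a JK configuration."""
    w = parse_props(workers_text)
    exported = {n.strip() for n in w.get("worker.list", "").split(",") if n.strip()}
    findings = []
    for uri, target in parse_props(urimap_text).items():
        if uri.startswith("!"):  # exclusion rule, nothing is mounted
            continue
        if target not in exported:
            findings.append(("error", f"{uri} -> {target}: worker not in worker.list"))
            continue
        if w.get(f"worker.{target}.type") == "status":
            # Simplification: only the literal value "true" counts as enabled.
            ro = w.get(f"worker.{target}.read_only", "false").lower() == "true"
            findings.append(("warn", f"{uri} exposes status worker '{target}'"
                             f" (read_only={'true' if ro else 'false'})"))
    return findings

if __name__ == "__main__":
    for severity, message in audit(WORKERS, URIMAP):
        print(severity.upper(), message)
```
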
Step 9 – Configure IIS – jakarta Virtual Directory
- Open IIS Manager
- Right-click on the website and create new Virtual Directory
- Name the virtual directory “jakarta”
- Point the path to C:\tomcat\ISAPI
- Set the Virtual Directory permissions to Read, Run scripts, and Execute (first 3 options)
Step 10 – Configure IIS – Add ISAPI filter to the website
- Right-click on website
- Go to ISAPI Filters tab
- Click Add
- Name it “tomcat ISAPI”
- Point the executable path to C:\tomcat\ISAPI\isapi_redirect.dll
- Apply / OK
Step 11 – Configure IIS – Add a Web Service Extension for the tomcat connector
- Right-click on Web Service Extensions
- Add new Web Service extension, name it “tomcat ISAPI”
- Point Web Service extension path to C:\tomcat\ISAPI\isapi_redirect.dll
- Set extension status to Allowed
- Apply / OK
Step 12 – Restart IIS
- Start ->Run ->iisreset
Step 13 – Test tomcat connector against localhost
- Point your browser to http://localhost:8080/examples/servlets/servlet/HelloWorldExample
- If you see “Hello World!” then your local tomcat instance is serving up .jsp’s via IIS
Step 14 – Replace .properties files with company specific .properties files
Troubleshooting
- If you don’t see a green arrow after adding the isapi_redirect.dll to the website properties -> ISAPI filters tab, then that means IIS is not loading the module. Double check all your .properties files for syntax errors, and also check that the isapi_redirect.dll file and corresponding .properties file have the correct permissions (IIS user added to security)
- Check eventvwr
- Check IIS logs in C:\WINDOWS\system32\LogFiles
- Check in C:\tomcat\logs\isapi_redirect.log
Caveats
- Check who IIS is running as (ApplicationPool->Properties->Identity). Add that user to the security tab of the isapi_redirect.dll and isapi_redirect.properties files with all permissions (and to parent folders) (for donbest this is Network Service user and IIS_WPG)… Had to do this to get IIS 6 to load the isapi_redirect.dll correctly (get the green arrow)
- If you’re getting HTTP 500 errors, try running www service in IIS 5.0 isolation mode (Web Sites->Properties->Service->isolation mode)
- Avoid spaces in pathnames of tomcat directories
- Add <machine_name>/IUSR_<machine_name> to NTFS security tab for all ISAPI/* related files (this prevents authentication dialogue window when clients try to access jsp or other files via the tomcat connector)
References
- http://www.iisadmin.co.uk/?p=40
- http://mail-archives.apache.org/mod_mbox/tomcat-users/200310.mbox/%3CDBEJJMNGFEJDMFPHHKLHCEFCCJAA.matt@pauaware.co.nz%3E
- http://tomcat.apache.org/connectors-doc/reference/iis.html
