IIS to Tomcat Connector (Active)
Project Home • Blog • Forums • Screenshots • External Project Link • Contact Project
Author: Bilal (All RIAForge projects by this author)
The latest versions of the connector can be downloaded from the BonCode site:
The RIAforge site is no longer maintained.
-- Hands-down the easiest connector to deploy for IIS to Tomcat connectivity -- ;o) Simply download, unblock, run setup.
This is the modern method of connecting IIS and Apache Tomcat. Most likely to use a Railo, Lucee or JSP driven backend.
The BonCode AJP (Apache JServ Protocol version 1.3) Connector uses already existing pathways to connect to Apache Tomcat.
The AJP implementation is generic and will work to connect IIS with any AJP server such as Jboss, web-methods, Jetty etc.
In general it is a preference question how you connect IIS to Tomcat, though, there are several advantages with the BonCode connector vs the old ISAPI connector:
• no ISAPI code, IIS6 vestiges or backward compatibility elements needed
• does not block or hinder IIS functionality or slows unrelated requests
• all managed code for IIS7+ using the modern extensibility framework
• works on IIS5.1, IIS6 and IIS7, IIS7.5, IIS8+ (Windows XP through Windows 10, Windows Server 2003-2012)
• speed, throughput, and stability improvements
• configuration in IIS UI
• no virtual directories and virtual mappings needed
• configuration can be inherited to sub-paths and virtual sites
• easy install/uninstall
• support partial stream sending to browser (automatic flushing) with faster response to client
• support both 32/64 bit of Windows with same process and files
• transfer of all request headers
• build-in simple-security for web-administration pages (Tomcat, Railo, OpenBD, ColdFusion)
• IP6 support
• Additional HTTP headers data is passed to Tomcat servlet container (previously unavailable)
• Improved transfer of SSL data to Tomcat servlet container
• Support improved translation of load balancer headers to determine correct client IP
• Support client fingerprint mechanism for use with safer sessions
• Support for Adobe Coldfusion 10,11 AJP dialect
• Support for Lucee, Railo, and OpenBD CFML Engines
• Support for alternate Path-Info header transmission via AJP
If you were using a proxy or URL rewrite engine you would also benefit from:
• Fully integrated SSL to Servlet container
• Tomcat threading awareness (will not overload Tomcat and drop connections unnecessarily)
• Your servlets and scripts will receive correct HTTP header/URL/IP information for processing
• reduced traffic and processing on both IIS and tomcat sides
• allows you to connect to multiple tomcat instances from within one IIS site without interfering with ISAPI connector, e.g. Shibboleth and ColdFusion 10/Railo
Version 1.0.28 Updates:
* Add: additional stack trace to windows event log
* Upd: continue spooling data even after an unallowed header change has been attempted by servlet code
Version 1.0.27 Updates:
* Add: optional logging of connection issues to Windows log if a Log Source is available
* Add: allways log full stack trace in log file when any type of logging is enabled
* Add: additional system error condition catches throughout comm cycle
* Add: when we encounter stream read errors and null buffers, we will retry to read stream instead of throw exception
* Add: suppress logging certain errors when Tomcat is stopped before IIS to avoid confusion
* Add: suppress client disconnect errors (thread aborted)
* Upd: installer change information text, remove requirement to select a handler
* Upd: Adobe Coldfusion ExpandPath() with invalid path will no longer throw exception but return invalid path
* Fix: error when IIS site instance IDs were set to a value higher than 32767, now the max value is: 4294967295 (UInt32)
Version 1.0.26 Updates:
* Add: Flushing priority. When both time and byte flushing are specified, we will first wait for time, then use either time or byte markers
* Add: Setting DocRoot for manual HTTP x-tomcat-docroot override, in cases where Tomcat is running on Linux
* Add: Block client HTTP headers that match connector generated HTTP headers
Version 1.0.25 Updates:
* Add: New setting for ModCfmlSecret
* Add: Installer setting file can accept requestSecret and modCfmlSecret parameters
Version 1.0.24 Updates:
* Add: New setting RequestSecret to support Tomcat requiredSecret setup. A shared secret can be used to secure the AJP connection.
* Add: Cache of settingfile reads
* Add: New setting EnableAggressiveGC for more frequent Garbage Collection. Users transferring large number of bytes, e.g. images and file assets through the connector rather than through IIS.
* Add: Installer can now install site-specific handlers
* Upd: Changed default for HeaderBlacklist to decrease the size of initial packet. The HTTP headers URL,SERVER_SOFTWARE,SERVER_NAME, and SERVER_PROTOCOL will no longer be automatically transferred.
* Fix: Correct virtual direcotry listing when Site Ids where manually changed by users
Version 1.0.23 Updates:
* Fix: IIS InstanceId determination on certain computers would throw errors.
* Fix: Windows 2012 flexgateway receiving out of order packets.
* Fix: Windows 2012 flexgateway empty packets from tomcat would cause connection abort.
Version 1.0.22 Updates:
* Add: new HTTP header x-webserver-context when EnableHeaderDataSupport setting is turned on. Will contain the IIS site context. Used with mod_cfml this can assist in auto creation of Tomcat contexts.
* Upd: disable connection pool by default (MaxConnections=0). Most reports of bugs were related to this due to misunderstanding of setting.
Version 1.0.21 Updates:
* Upd: only mark threads with error HTTP 400 and above to be reset. Previously reset any non HTTP 200 thread.
* Add: added new x-vdirs header that will transmit IIS virtual directory mappings when EnableHeaderDataSupport setting is turned on. Additional permissions need to be assigned to connector for this to work.
Version 1.0.20 Updates:
* Add: on connection error with forward URL we will forward error information to error page, when setting TomcatConnectErrorURL is populated, URL attributes : errorcode & detail will be added to target request
* Add: on connection error without forward URL we will use error code 502 for any connection errors that need to be displayed.
* Add: support for Lucee CFML engine and add Lucee administrator security
Version 1.0.19 Updates:
* Fix: exception during raw header translation when custom HTTP headers are introduced with duplicate names
* Add: Support X509 client certificates via AJP attributes in addition to HTTP headers
* Add: new setting SkipIISCustomErrors for stopping IIS from displaying error pages when servlet returns error status.
* Add: new setting LogIPFilter to selectivly log client streams, supports regex
Version 1.0.18 Updates:
* Fix: Dominic's fix for Empty (null) Headers. When headers are transferred with null values instead of empty string error would be thrown.
* Add: Set HTTP error code for Connection Errors with Tomcat included as stub in this version
* Upd: Improve error messages for connection problems on local and remotes
* Upd: Changed name reference of setting [FlushThreshold] to [FlushThresholdTicks] to clarify that we use time ticks.
* Add: Added new setting [FlushThresholdBytes]. This will start spooling buffer after the byte threshold is reached. Aid in streaming large files via Tomcat.
* Add: Allow BIN directory and Setting files to be located on UNC path so servers can share libraries and configuration.
* Add: Expanded log file name generation so that a shared setting file among multiple servers does not produce write contention.
* Add: Concurrent connection count estimate in log file with log level 2 (experimental)
* Upd: Added back the PacketSize default when you switch to Adobe mode that was removed in 1.0.15, it will be set to 65531 bytes (Adobe hard-coded default value)
* Add: When buffering whole content switch from chunked transfer-type to fixed-length transfer for non binary data
* Upd: Remove automatic IIS side redirect for any 30x status and use Tomcat directive instead
* Upd: Installer does no longer remove IIS features automatically without confirmation or in silent mode
* Fix: Adobe specific AJP13 file path extension would fail with Unicode path name requests
Version 1.0.17 Updates:
* Fix: 404 redirect by connector could leave stream cache to be reused on the connection.
* Add: New Setting (FPHeaders) to determine HTTP headers used for client fingerprint.
* Add: Included logger changes from Igal: Log file time stamp and debug log method
* Upd: Change the default log file name and extension to BonCodeAJP13Connection[yyyyMMdd].log
* Upd: Internal class cleanup
* Fix: Handle exception when determining Physical Path in case invalid virtual path references are passed
Version 1.0.16 Updates:
* Add: Security to block access to WEB-INF and META-INF path on any site when remote access to Admin is disabled
* Add: installer block WEB-INF and META-INF access automatically using IIS facilities for all websites during automated install
Version 1.0.15 Updates:
* Upd: For CF10 remove packet size setting from AdobeMode operation. Now using default tomcat packet size. If you used with CF10 please remove the packetSize attribute in tomcat server.xml before applying this version.
* Fix: SSL Key size transfer in HTTP Attributes used wrong data type
* Fix: Handle Tomcat bug that would result in packets being sent after tomcat already had declared end of transmission (EndResponse)
* Add: Workaround for Tomcat Bug that would introduce null data
Version 1.0.14 Updates:
* Add: display more error details when processing call on localhost vs remote
* Add: installer display warning if there is an installer.settings file and the setup is started interactively by user
* Fix: UTF-8 headers in URi would not transfer correctly
* Add: error handling when ColdFusion 10 tomcat instance sends zero byte packages
* Add: detect log file contention when multiple connector instances are running
* Add: Setting LogFile to specify a different log file name from default
Version 1.0.13 Updates :
* Add: secure Adobe CF10 CFIDE admin paths when setting EnableRemoteAdmin is set to False
Version 1.0.12 Updates :
* Fix: installer iteration of web sites would duplicate site names
* Add: Support Windows 8 / Windows Server 2012
* Add: Support for .net 4 / .net 4.5
* Add: installer detect if .net framework 4/4.5 is installed and skip .net 3.5
* Add: installer detect if Windows 8 / Server 12: install .net 4.5 feature/extensibility/asp.net
* Add: installer add default documents on IIS7/IIS8 for selected handlers (index.jsp/index.cfm)
* Add: installer expanded uninstall to remove additional configuration and features
Version 1.0.11 Updates:
* Fix: IIS request timeout before tomcat timeout would leave data in tcp stream cache that would be displayed in next connection when using connection pool
* Fix: Exposing ColdFusion 10 Webservices calls (cfc remoting) caused packet order error and IIS exception
* Add: Added setting (EnableClientFingerPrint) for simple client fingerprinting calculations, result in HTTP header xajp-clientfingerprint
Version 1.0.10 Updates:
* Fix: Handle exception thrown when required protocol information is not supplied by client
* Upd: Logging format changes. Reshuffled log levels. Added HTTP Headers explicit logging (3)
* Upd: Update to Manuals
* Add: Do not add prefix to inbound Uri if the specified prefix is already at the beginning of Uri
ADDITIONAL VERSION HISTORY IN DOWNLOAD PACKAGE
END OF VERSION HISTORY
Manual Installation instructions are in the PDF within the project download package.
Using automated installer contained in package is recommended though.
As usual any feedback is appreciated.
Recent Blog Entries:
6/24/15 Using multiple instances of connector inside one IIS site
6/16/15 Upgrading Railo or Lucee Connector Version
7/6/12 Version 2 Thoughts
6/30/12 Using BonCode connector with Adobe ColdFusion 10
6/30/11 IIS 7.5 and Error with System.Web.AspNetHostingPermission
Version 1.0.28 Updates:
* Add: additial stack trace to windows event log
* Upd: continue spooling data even after an unallowed header change has been attempted by servlet code
Please see boncode site for later versions:
.net framework 3.5Source Control Access:
IIS 5.1, 6, 7, 7.5, 8, 8.5 (Windows XP through Windows 2008r2)
tomcat 5,6,7, or 8
Lucee application server or Adobe ColdFusion
This project hosts its source control at an external location:
Adobe and the Adobe product names are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.