Managed Hosting



IIS to Tomcat Connector
Project Home Blog Forums Known Issues Screenshots External Project Link Contact Project

Author: Bilal (All RIAForge projects by this author)
Last Updated: December 8, 2016 8:22 AM
Version: 1.0.28
Views: 403,160
Downloads: 40,446
Demo URL: http://boncode.net/connector/webdocs/
License: Apache License, Version 2





-- Hands-down the easiest connector to deploy for IIS to Tomcat connectivity -- ;o) Simply download, unblock, run setup.

This is the modern method of connecting IIS and Apache Tomcat. Most likely to use a Railo, Lucee or JSP driven backend.
The BonCode AJP (Apache JServ Protocol version 1.3) Connector uses already existing pathways to connect to Apache Tomcat.
The AJP implementation is generic and will work to connect IIS with any AJP server such as Jboss, web-methods, Jetty etc.
In general it is a preference question how you connect IIS to Tomcat, though, there are several advantages with the BonCode connector vs the old ISAPI connector:
•   no ISAPI code, IIS6 vestiges or backward compatibility elements needed
•   does not block or hinder IIS functionality or slows unrelated requests
•   all managed code for IIS7+ using the modern extensibility framework
•   works on IIS5.1, IIS6 and IIS7, IIS7.5, IIS8+ (Windows XP through Windows 10, Windows Server 2003-2012)
•   speed, throughput, and stability improvements
•   configuration in IIS UI
•   no virtual directories and virtual mappings needed
•   configuration can be inherited to sub-paths and virtual sites
•   easy install/uninstall
•   support partial stream sending to browser (automatic flushing) with faster response to client
•   support both 32/64 bit of Windows with same process and files
•   transfer of all request headers
•   build-in simple-security for web-administration pages (Tomcat, Railo, OpenBD, ColdFusion)
•   IP6 support
•   Additional HTTP headers data is passed to Tomcat servlet container (previously unavailable)
•   Improved transfer of SSL data to Tomcat servlet container
•   Support improved translation of load balancer headers to determine correct client IP
•   Support client fingerprint mechanism for use with safer sessions
•   Support for Adobe Coldfusion 10,11 AJP dialect
•   Support for Lucee, Railo, and OpenBD CFML Engines
•   Support for alternate Path-Info header transmission via AJP

If you were using a proxy or URL rewrite engine you would also benefit from:
•   Fully integrated SSL to Servlet container
•   Tomcat threading awareness (will not overload Tomcat and drop connections unnecessarily)
•   Your servlets and scripts will receive correct HTTP header/URL/IP information for processing
•   reduced traffic and processing on both IIS and tomcat sides
•   allows you to connect to multiple tomcat instances from within one IIS site without interfering with ISAPI connector, e.g. Shibboleth and ColdFusion 10/Railo

YouTube Videos:



Version 1.0.28 Updates:
* Add: additional stack trace to windows event log
* Upd: continue spooling data even after an unallowed header change has been attempted by servlet code

Version 1.0.27 Updates:
* Add: optional logging of connection issues to Windows log if a Log Source is available
* Add: allways log full stack trace in log file when any type of logging is enabled
* Add: additional system error condition catches throughout comm cycle
* Add: when we encounter stream read errors and null buffers, we will retry to read stream instead of throw exception
* Add: suppress logging certain errors when Tomcat is stopped before IIS to avoid confusion
* Add: suppress client disconnect errors (thread aborted)
* Upd: installer change information text, remove requirement to select a handler
* Upd: Adobe Coldfusion ExpandPath() with invalid path will no longer throw exception but return invalid path
* Fix: error when IIS site instance IDs were set to a value higher than 32767, now the max value is: 4294967295 (UInt32)

Version 1.0.26 Updates:
* Add: Flushing priority. When both time and byte flushing are specified, we will first wait for time, then use either time or byte markers
* Add: Setting DocRoot for manual HTTP x-tomcat-docroot override, in cases where Tomcat is running on Linux
* Add: Block client HTTP headers that match connector generated HTTP headers

Version 1.0.25 Updates:
* Add: New setting for ModCfmlSecret
* Add: Installer setting file can accept requestSecret and modCfmlSecret parameters

Version 1.0.24 Updates:
* Add: New setting RequestSecret to support Tomcat requiredSecret setup. A shared secret can be used to secure the AJP connection.
* Add: Cache of settingfile reads
* Add: New setting EnableAggressiveGC for more frequent Garbage Collection. Users transferring large number of bytes, e.g. images and file assets through the connector rather than through IIS.
* Add: Installer can now install site-specific handlers
* Upd: Changed default for HeaderBlacklist to decrease the size of initial packet. The HTTP headers URL,SERVER_SOFTWARE,SERVER_NAME, and SERVER_PROTOCOL will no longer be automatically transferred.
* Fix: Correct virtual direcotry listing when Site Ids where manually changed by users

Version 1.0.23 Updates:
* Fix: IIS InstanceId determination on certain computers would throw errors.
* Fix: Windows 2012 flexgateway receiving out of order packets.
* Fix: Windows 2012 flexgateway empty packets from tomcat would cause connection abort.

Version 1.0.22 Updates:
* Add: new HTTP header x-webserver-context when EnableHeaderDataSupport setting is turned on. Will contain the IIS site context. Used with mod_cfml this can assist in auto creation of Tomcat contexts.
* Upd: disable connection pool by default (MaxConnections=0). Most reports of bugs were related to this due to misunderstanding of setting.

Version 1.0.21 Updates:
* Upd: only mark threads with error HTTP 400 and above to be reset. Previously reset any non HTTP 200 thread.
* Add: added new x-vdirs header that will transmit IIS virtual directory mappings when EnableHeaderDataSupport setting is turned on. Additional permissions need to be assigned to connector for this to work.

Version 1.0.20 Updates:
* Add: on connection error with forward URL we will forward error information to error page, when setting TomcatConnectErrorURL is populated, URL attributes : errorcode & detail will be added to target request
* Add: on connection error without forward URL we will use error code 502 for any connection errors that need to be displayed.
* Add: support for Lucee CFML engine and add Lucee administrator security

Version 1.0.19 Updates:
* Fix: exception during raw header translation when custom HTTP headers are introduced with duplicate names
* Add: Support X509 client certificates via AJP attributes in addition to HTTP headers
* Add: new setting SkipIISCustomErrors for stopping IIS from displaying error pages when servlet returns error status.
* Add: new setting LogIPFilter to selectivly log client streams, supports regex

Version 1.0.18 Updates:
* Fix: Dominic's fix for Empty (null) Headers. When headers are transferred with null values instead of empty string error would be thrown.
* Add: Set HTTP error code for Connection Errors with Tomcat included as stub in this version
* Upd: Improve error messages for connection problems on local and remotes
* Upd: Changed name reference of setting [FlushThreshold] to [FlushThresholdTicks] to clarify that we use time ticks.
* Add: Added new setting [FlushThresholdBytes]. This will start spooling buffer after the byte threshold is reached. Aid in streaming large files via Tomcat.
* Add: Allow BIN directory and Setting files to be located on UNC path so servers can share libraries and configuration.
* Add: Expanded log file name generation so that a shared setting file among multiple servers does not produce write contention.
* Add: Concurrent connection count estimate in log file with log level 2 (experimental)
* Upd: Added back the PacketSize default when you switch to Adobe mode that was removed in 1.0.15, it will be set to 65531 bytes (Adobe hard-coded default value)
* Add: When buffering whole content switch from chunked transfer-type to fixed-length transfer for non binary data
* Upd: Remove automatic IIS side redirect for any 30x status and use Tomcat directive instead
* Upd: Installer does no longer remove IIS features automatically without confirmation or in silent mode
* Fix: Adobe specific AJP13 file path extension would fail with Unicode path name requests

Version 1.0.17 Updates:
* Fix: 404 redirect by connector could leave stream cache to be reused on the connection.
* Add: New Setting (FPHeaders) to determine HTTP headers used for client fingerprint.
* Add: Included logger changes from Igal: Log file time stamp and debug log method
* Upd: Change the default log file name and extension to BonCodeAJP13Connection[yyyyMMdd].log
* Upd: Internal class cleanup
* Fix: Handle exception when determining Physical Path in case invalid virtual path references are passed



Manual Installation instructions are in the PDF within the project download package.

Using automated installer contained in package is recommended though.

As usual any feedback is appreciated.

Last Update:

Version 1.0.28 Updates:
* Add: additial stack trace to windows event log
* Upd: continue spooling data even after an unallowed header change has been attempted by servlet code

Please see boncode site for later versions:


.net framework 3.5
IIS 5.1, 6, 7, 7.5, 8, 8.5 (Windows XP through Windows 2008r2)
tomcat 5,6,7, or 8

Lucee application server or Adobe ColdFusion

Issue Tracker:

This project has an external bug tracker. You can find it here:

Source Control Access:

This project hosts its source control at an external location: