Managed Hosting



IIS to Tomcat Connector (Active)
Project Home Blog Forums Known Issues Screenshots External Project Link Contact Project

Author: Bilal (All RIAForge projects by this author)
Last Updated: May 13, 2015 10:46 AM
Version: 1.0.23
Views: 153,744
Downloads: 22,250
Demo URL: http://boncode.net/connector/webdocs/
License: Apache License, Version 2


-- Hands-down the easiest connector to deploy for IIS to Tomcat connectivity -- ;o) Simply download, unblock, run setup.

This is the modern method of connecting IIS and Apache Tomcat. Most likely to use a Railo, Lucee or JSP driven backend.
The BonCode AJP (Apache JServ Protocol version 1.3) Connector uses already existing pathways to connect to Apache Tomcat.
The AJP implementation is generic and will work to connect IIS with any AJP server such as Jboss, web-methods, Jetty etc.
In general it is a preference question how you connect IIS to Tomcat, though, there are several advantages with the BonCode connector vs the old ISAPI connector:
•   no ISAPI code, IIS6 vestiges or backward compatibility elements needed
•   does not block or hinder IIS functionality or slows unrelated requests
•   all managed code for IIS7 using the modern extensibility framework
•   works on IIS5.1, IIS6 and IIS7, IIS7.5, IIS8+ (Windows XP through Windows 8.1, Windows Server 2003-2012)
•   speed, throughput, and stability improvements
•   configuration in IIS UI
•   no virtual directories and virtual mappings needed
•   configuration can be inherited to sub-paths and virtual sites
•   easy install/uninstall
•   support partial stream sending to browser (automatic flushing) with faster response to client
•   support both 32/64 bit of Windows with same process and files
•   transfer of all request headers
•   build-in simple-security for web-administration pages (Tomcat, Railo, OpenBD, ColdFusion)
•   IP6 support
•   Additional HTTP headers data is passed to Tomcat servlet container (previously unavailable)
•   Improved transfer of SSL data to Tomcat servlet container
•   Support improved translation of load balancer headers to determine correct client IP
•   Support client fingerprint mechanism for use with safer sessions
•   Support for Adobe Coldfusion 10,11 AJP dialect
•   Support for Lucee, Railo, and OpenBD CFML Engines
•   Support for alternate Path-Info header transmission via AJP

If you were using a proxy or URL rewrite engine you would also benefit from:
•   Fully integrated SSL to Servlet container
•   Tomcat threading awareness (will not overload Tomcat and drop connections unnecessarily)
•   Your servlets and scripts will receive correct HTTP header/URL/IP information for processing
•   reduced traffic and processing on both IIS and tomcat sides
•   allows you to connect to multiple tomcat instances from within one IIS site without interfering with ISAPI connector, e.g. Shibboleth and ColdFusion 10/Railo

YouTube Videos:


Version 1.0.23 Updates:
* Fix: IIS InstanceId determination on certain computers would throw errors.
* Fix: Windows 2012 flexgateway receiving out of order packets.
* Fix: Windows 2012 flexgateway empty packets from tomcat would cause connection abort.

Version 1.0.22 Updates:
* Add: new HTTP header x-webserver-context when EnableHeaderDataSupport setting is turned on. Will contain the IIS site context. Used with mod_cfml this can assist in auto creation of Tomcat contexts.
* Upd: disable connection pool by default (MaxConnections=0). Most reports of bugs were related to this due to misunderstanding of setting.

Version 1.0.21 Updates:
* Upd: only mark threads with error HTTP 400 and above to be reset. Previously reset any non HTTP 200 thread.
* Add: added new x-vdirs header that will transmit IIS virtual directory mappings when EnableHeaderDataSupport setting is turned on. Additional permissions need to be assigned to connector for this to work.

Version 1.0.20 Updates:
* Add: on connection error with forward URL we will forward error information to error page, when setting TomcatConnectErrorURL is populated, URL attributes : errorcode & detail will be added to target request
* Add: on connection error without forward URL we will use error code 502 for any connection errors that need to be displayed.
* Add: support for Lucee CFML engine and add Lucee administrator security

Version 1.0.19 Updates:
* Fix: exception during raw header translation when custom HTTP headers are introduced with duplicate names
* Add: Support X509 client certificates via AJP attributes in addition to HTTP headers
* Add: new setting SkipIISCustomErrors for stopping IIS from displaying error pages when servlet returns error status.
* Add: new setting LogIPFilter to selectivly log client streams, supports regex

Version 1.0.18 Updates:
* Fix: Dominic's fix for Empty (null) Headers. When headers are transferred with null values instead of empty string error would be thrown.
* Add: Set HTTP error code for Connection Errors with Tomcat included as stub in this version
* Upd: Improve error messages for connection problems on local and remotes
* Upd: Changed name reference of setting [FlushThreshold] to [FlushThresholdTicks] to clarify that we use time ticks.
* Add: Added new setting [FlushThresholdBytes]. This will start spooling buffer after the byte threshold is reached. Aid in streaming large files via Tomcat.
* Add: Allow BIN directory and Setting files to be located on UNC path so servers can share libraries and configuration.
* Add: Expanded log file name generation so that a shared setting file among multiple servers does not produce write contention.
* Add: Concurrent connection count estimate in log file with log level 2 (experimental)
* Upd: Added back the PacketSize default when you switch to Adobe mode that was removed in 1.0.15, it will be set to 65531 bytes (Adobe hard-coded default value)
* Add: When buffering whole content switch from chunked transfer-type to fixed-length transfer for non binary data
* Upd: Remove automatic IIS side redirect for any 30x status and use Tomcat directive instead
* Upd: Installer does no longer remove IIS features automatically without confirmation or in silent mode
* Fix: Adobe specific AJP13 file path extension would fail with Unicode path name requests

Version 1.0.17 Updates:
* Fix: 404 redirect by connector could leave stream cache to be reused on the connection.
* Add: New Setting (FPHeaders) to determine HTTP headers used for client fingerprint.
* Add: Included logger changes from Igal: Log file time stamp and debug log method
* Upd: Change the default log file name and extension to BonCodeAJP13Connection[yyyyMMdd].log
* Upd: Internal class cleanup
* Fix: Handle exception when determining Physical Path in case invalid virtual path references are passed

Version 1.0.16 Updates:
* Add: Security to block access to WEB-INF and META-INF path on any site when remote access to Admin is disabled
* Add: installer block WEB-INF and META-INF access automatically using IIS facilities for all websites during automated install

Version 1.0.15 Updates:
* Upd: For CF10 remove packet size setting from AdobeMode operation. Now using default tomcat packet size. If you used with CF10 please remove the packetSize attribute in tomcat server.xml before applying this version.
* Fix: SSL Key size transfer in HTTP Attributes used wrong data type
* Fix: Handle Tomcat bug that would result in packets being sent after tomcat already had declared end of transmission (EndResponse)
* Add: Workaround for Tomcat Bug that would introduce null data

Version 1.0.14 Updates:
* Add: display more error details when processing call on localhost vs remote
* Add: installer display warning if there is an installer.settings file and the setup is started interactively by user
* Fix: UTF-8 headers in URi would not transfer correctly
* Add: error handling when ColdFusion 10 tomcat instance sends zero byte packages
* Add: detect log file contention when multiple connector instances are running
* Add: Setting LogFile to specify a different log file name from default

Version 1.0.13 Updates :
* Add: secure Adobe CF10 CFIDE admin paths when setting EnableRemoteAdmin is set to False

Version 1.0.12 Updates :
* Fix: installer iteration of web sites would duplicate site names
* Add: Support Windows 8 / Windows Server 2012
* Add: Support for .net 4 / .net 4.5
* Add: installer detect if .net framework 4/4.5 is installed and skip .net 3.5
* Add: installer detect if Windows 8 / Server 12: install .net 4.5 feature/extensibility/asp.net
* Add: installer add default documents on IIS7/IIS8 for selected handlers (index.jsp/index.cfm)
* Add: installer expanded uninstall to remove additional configuration and features

Version 1.0.11 Updates:
* Fix: IIS request timeout before tomcat timeout would leave data in tcp stream cache that would be displayed in next connection when using connection pool
* Fix: Exposing ColdFusion 10 Webservices calls (cfc remoting) caused packet order error and IIS exception
* Add: Added setting (EnableClientFingerPrint) for simple client fingerprinting calculations, result in HTTP header xajp-clientfingerprint

Version 1.0.10 Updates:
* Fix: Handle exception thrown when required protocol information is not supplied by client
* Upd: Logging format changes. Reshuffled log levels. Added HTTP Headers explicit logging (3)
* Upd: Update to Manuals
* Add: Do not add prefix to inbound Uri if the specified prefix is already at the beginning of Uri

Version 1.0.9 Updates:
* Fix: Adobe PathRequest packets for absolute paths and relative path that are different from document path
* Upd: Update Manuals
* Upd: Remove duplicate HTTP headers
* Add: Support for Adobe ColdFusion 10 file upload data packet order
* Add: Support for AllowPartiallyTrustedCaller in the .net assembly so connector can be run with restricted permissions
* Add: Support for EMC Documentum chunked file transfers
* Add: retranslate header names and cases from IIS standard to original client supplied (RAW) format when possible

Version 1.0.8 Updates:
* Fix: More Adobe ColdFusion 10 release version adjustments, added setting to switch into Adobe mode
* Upd: Update Manuals

Version 1.0.7 Updates:
* Fix: Non default large PacketSizes (over 32KB) would cause arithmetic errors
* Fix: Adobe ColdFusion 10 release version adjustments
* Upd: Update Manuals

Version 1.0.6 Updates:
* Add: setting file location in version identification. Also identify whether defaults are used or setting file data.
* Add: auto-correction for Path-Info (xajp-path-info) to RFC3875 standard
* Upd: Accesses to administrator when deployed as war is not allowed when “disable remote access” is selected

Version 1.0.5 Updates:
* Add: Installer allow unlocking of IIS sub configurations (sub path)
* Add: PacketSize option to support non-default transfer packet sizes

Version 1.0.4 Updates:
* Add: path prefix setting to allow mapping of a given IIS site root to designated tomcat application
* Fix: Installer Windows 2003 and Windows XP 64-bit asp.net references

Version 1.0.3 Updates:
* Add: Connector Version identifier through local URL parameter call (BonCodeConnectorVersion=yes)
* Add: Installer enable flush option
* Add: Installer enable client IP detection
* Add: Installer scripted support for uninstall directory

Version 1.0.2 Updates:
* Fix: reading of port from setting file
* Add: vendor (Adobe) specific AJP extensions

Version 1.0.1 Updates:
* Add: installer option for header data support
* Add: Settings for HTTP Status Codes option, ErrorRedirectURL, TCPClientErrorMessage, TCPStreamErrorMessage
* Add: Automatic connection recovery after tomcat has been restarted while IIS is still running.
* Add: Error message displays for different connection errors occur (rather than empty screens).
* Edit: In global install mode. Change settings directory from system32 to windows.

Version 1.0 Updates:
* Add: script support for installer for automated deployments

Version 1.0rc Updates:
* Add: installer deploy in GAC mode
* Add: installer configure tomcat server.xml if on same server

Version Updates:
* Add: setting to show suppressed headers (AllowEmptyHeaders). The connector skips headers that do not have data to speed processing. Set to true to send empty headers as well.
* Add: setting to send path info in alternate http header (PathInfoHeader). This is to bypass tomcat bug with AJP path-info transfer.
* Fix: Remove default for ResolveRemoteAddrFrom (HTTP_X_FORWARDED_FOR). Will now need to be explicitly set to be enabled.

Version Updates:
* Fix: extend timeout for socket so that longer timeouts in IIS Application Pool do not result in closed socket errors
* Add: automatic translation of client IPs to account for intermediaries (load balancers and proxies), e.g. HTTP_X_FORWARDED_FOR to REMOTE_ADDR automatic rewrite
* Add: Strong signing of assemblies so project can be placed in GAC (Global Assembly Cache)

Version Updates:
* Add: Improve http flush detection, add network stream behavior in addition to timer.
* Fix: Zero content tomcat packages would cause display of error message in browser.
* Fix: ignore binary transfers that contain AJP protocol magic markers would lead to empty screen.

Version Updates:
* Fix: correct transfer of non-standard headers without the http prefix added by IIS
* Fix: compatibility with Axis1 projects
* Add: no longer force conversion of text to UTF8. Will pass directly content as is to browser from tomcat regardless of content-type declaration.
* Add: Setting [ForceSecureSession] to force secure session via SSL. Will automatically exchange secure session cookies and force all communication over SSL to the Webserver.
* Add: Settings for timeout tcp/ip connections are exposed and can be changed by user.

Version Updates:
* Fix: separate AJP attributes from headers. All present optional http attributes are transferred even if not processed by tomcat.
* Fix: Recognize misordered packets from Tomcats (out of order GET BODY CHUNK) and provide proper response. This would result in blank screen.
* Add: add new setting to transfer optional header (x-tomcat-docroot) note capitalization
* Add: automatically fix wrong content-length declaration if content is missing. Fill in empty characters where content is missing. This is not correct but will continue browser processing.
* Fix: Use of System Timer would leak memory when thread was destroyed
* Fix: AJP protocol header server and port designations send to servlet container were incorrect when IIS and tomcat were remoted.
* Add: HTTP header Blacklist and Whitelist options in settings file
* Fix: Correct flush protocol detection problem so HTTP flushes can be detected and spooled to browser.

Version Updates:
* Add: Installer update. Installation of .net framework feature as option for windows 7 and windows 2008+
* Add: User friendly error messages when we cannot connect to Apache Tomcat

Version Updates:
* Fix: JSP response.sendRedirect() call uses HTTP 302 redirect. Would lead to timeout.
* Fix: Specific issues with Jetbrains TeamCity application implementation and protocol behavior (AJAX)
* Fix: Stop waiting on tomcat when redirect directive is given
* Fix: Handle Railo vs. tomcat native variances in File upload behavior with and without redirects.

Version Updates:
* Fix: gzip compression handling from servlets. Set correct content encoding.
* Fix: install on IIS7 did not write setting file
* Add: Updated troubleshooting information in Manuals

Version Updates:
* Fix: Change FlushThreshhold defaults to handle graphics pushed by script files better with IE, e.g. gif.cfm / png.cfm etc.

Version 0.9.2 Updates:
* Fix: Issues with UTF-8 conversion from double byte regions
* Fix: Forced Disconnect mode was not enabled when MaxConnections was set to zero, references to old connections would be maintained unnecessarily
* Add: Automatic release of all connection when settings file is changed

Version 0.91 Updates:
* Added automated installer beta (all windows versions from XP on)
* Added thread throttling to not overwhelm tomcat with request. Now allows forcing reconnect for every request if so desired
* Updated documentation with trouble shooting section


Manual Installation instructions are in the PDF within the project download package.

Using automated installer contained in package is recommended though.

As usual any feedback is appreciated.

Recent Blog Entries:

Last Update:

Version 1.0.23 Updates:
* Fix: IIS InstanceId determination on certain computers would throw errors.
* Fix: Windows 2012 flexgateway receiving out of order packets.
* Fix: Windows 2012 flexgateway empty packets from tomcat would cause connection abort.


.net framework 3.5
IIS 5.1, 6, 7, 7.5, 8, 8.5 (Windows XP through Windows 2008r2)
tomcat 5,6,7, or 8

Lucee application server or Adobe ColdFusion

Issue Tracker:

55 Very high memory used by w3wp process Open 05/20/15 10:57 AM
47 Failed:Nothing received from the tomcat. Closed 05/13/15 10:51 AM
54 Generic Connector Communication Error \ Flex Integration Fixed 05/13/15 10:49 AM
53 Connection to Tomcat has been closed. Tomcat may be restarting Closed 04/24/15 8:05 AM
50 Generic Connector Communication Error Closed 03/31/15 9:22 AM

View All Issues

To enter issues for this (or any other) project, you must be logged in.

Source Control Access:

This project hosts its source control at an external location: