Managed Hosting



IIS to Tomcat Connector
Project Home Blog Forums Known Issues Screenshots External Project Link Contact Project

Author: Bilal (All RIAForge projects by this author)
Last Updated: January 6, 2016 5:48 PM
Version: 1.0.26
Views: 210,718
Downloads: 28,549
Demo URL: http://boncode.net/connector/webdocs/
License: Apache License, Version 2


-- Hands-down the easiest connector to deploy for IIS to Tomcat connectivity -- ;o) Simply download, unblock, run setup.

This is the modern method of connecting IIS and Apache Tomcat. Most likely to use a Railo, Lucee or JSP driven backend.
The BonCode AJP (Apache JServ Protocol version 1.3) Connector uses already existing pathways to connect to Apache Tomcat.
The AJP implementation is generic and will work to connect IIS with any AJP server such as Jboss, web-methods, Jetty etc.
In general it is a preference question how you connect IIS to Tomcat, though, there are several advantages with the BonCode connector vs the old ISAPI connector:
•   no ISAPI code, IIS6 vestiges or backward compatibility elements needed
•   does not block or hinder IIS functionality or slows unrelated requests
•   all managed code for IIS7+ using the modern extensibility framework
•   works on IIS5.1, IIS6 and IIS7, IIS7.5, IIS8+ (Windows XP through Windows 10, Windows Server 2003-2012)
•   speed, throughput, and stability improvements
•   configuration in IIS UI
•   no virtual directories and virtual mappings needed
•   configuration can be inherited to sub-paths and virtual sites
•   easy install/uninstall
•   support partial stream sending to browser (automatic flushing) with faster response to client
•   support both 32/64 bit of Windows with same process and files
•   transfer of all request headers
•   build-in simple-security for web-administration pages (Tomcat, Railo, OpenBD, ColdFusion)
•   IP6 support
•   Additional HTTP headers data is passed to Tomcat servlet container (previously unavailable)
•   Improved transfer of SSL data to Tomcat servlet container
•   Support improved translation of load balancer headers to determine correct client IP
•   Support client fingerprint mechanism for use with safer sessions
•   Support for Adobe Coldfusion 10,11 AJP dialect
•   Support for Lucee, Railo, and OpenBD CFML Engines
•   Support for alternate Path-Info header transmission via AJP

If you were using a proxy or URL rewrite engine you would also benefit from:
•   Fully integrated SSL to Servlet container
•   Tomcat threading awareness (will not overload Tomcat and drop connections unnecessarily)
•   Your servlets and scripts will receive correct HTTP header/URL/IP information for processing
•   reduced traffic and processing on both IIS and tomcat sides
•   allows you to connect to multiple tomcat instances from within one IIS site without interfering with ISAPI connector, e.g. Shibboleth and ColdFusion 10/Railo

YouTube Videos:


Version 1.0.26 Updates:
* Add: Flushing priority. When both time and byte flushing are specified, we will first wait for time, then use either time or byte markers
* Add: Setting DocRoot for manual HTTP x-tomcat-docroot override, in cases where Tomcat is running on Linux
* Add: Block client HTTP headers that match connector generated HTTP headers

Version 1.0.25 Updates:
* Add: New setting for ModCfmlSecret
* Add: Installer setting file can accept requestSecret and modCfmlSecret parameters

Version 1.0.24 Updates:
* Add: New setting RequestSecret to support Tomcat requiredSecret setup. A shared secret can be used to secure the AJP connection.
* Add: Cache of settingfile reads
* Add: New setting EnableAggressiveGC for more frequent Garbage Collection. Users transfering large number of bytes, e.g. images and file assets through the connector rather than through IIS.
* Add: Installer can now install site-specific handlers
* Upd: Changed default for HeaderBlacklist to decrease the size of initial packet. The HTTP headers URL,SERVER_SOFTWARE,SERVER_NAME, and SERVER_PROTOCOL will no longer be automatically transferred.
* Fix: Correct virtual direcotry listing when Site Ids where manually changed by users

Version 1.0.23 Updates:
* Fix: IIS InstanceId determination on certain computers would throw errors.
* Fix: Windows 2012 flexgateway receiving out of order packets.
* Fix: Windows 2012 flexgateway empty packets from tomcat would cause connection abort.

Version 1.0.22 Updates:
* Add: new HTTP header x-webserver-context when EnableHeaderDataSupport setting is turned on. Will contain the IIS site context. Used with mod_cfml this can assist in auto creation of Tomcat contexts.
* Upd: disable connection pool by default (MaxConnections=0). Most reports of bugs were related to this due to misunderstanding of setting.

Version 1.0.21 Updates:
* Upd: only mark threads with error HTTP 400 and above to be reset. Previously reset any non HTTP 200 thread.
* Add: added new x-vdirs header that will transmit IIS virtual directory mappings when EnableHeaderDataSupport setting is turned on. Additional permissions need to be assigned to connector for this to work.

Version 1.0.20 Updates:
* Add: on connection error with forward URL we will forward error information to error page, when setting TomcatConnectErrorURL is populated, URL attributes : errorcode & detail will be added to target request
* Add: on connection error without forward URL we will use error code 502 for any connection errors that need to be displayed.
* Add: support for Lucee CFML engine and add Lucee administrator security

Version 1.0.19 Updates:
* Fix: exception during raw header translation when custom HTTP headers are introduced with duplicate names
* Add: Support X509 client certificates via AJP attributes in addition to HTTP headers
* Add: new setting SkipIISCustomErrors for stopping IIS from displaying error pages when servlet returns error status.
* Add: new setting LogIPFilter to selectivly log client streams, supports regex

Version 1.0.18 Updates:
* Fix: Dominic's fix for Empty (null) Headers. When headers are transferred with null values instead of empty string error would be thrown.
* Add: Set HTTP error code for Connection Errors with Tomcat included as stub in this version
* Upd: Improve error messages for connection problems on local and remotes
* Upd: Changed name reference of setting [FlushThreshold] to [FlushThresholdTicks] to clarify that we use time ticks.
* Add: Added new setting [FlushThresholdBytes]. This will start spooling buffer after the byte threshold is reached. Aid in streaming large files via Tomcat.
* Add: Allow BIN directory and Setting files to be located on UNC path so servers can share libraries and configuration.
* Add: Expanded log file name generation so that a shared setting file among multiple servers does not produce write contention.
* Add: Concurrent connection count estimate in log file with log level 2 (experimental)
* Upd: Added back the PacketSize default when you switch to Adobe mode that was removed in 1.0.15, it will be set to 65531 bytes (Adobe hard-coded default value)
* Add: When buffering whole content switch from chunked transfer-type to fixed-length transfer for non binary data
* Upd: Remove automatic IIS side redirect for any 30x status and use Tomcat directive instead
* Upd: Installer does no longer remove IIS features automatically without confirmation or in silent mode
* Fix: Adobe specific AJP13 file path extension would fail with Unicode path name requests

Version 1.0.17 Updates:
* Fix: 404 redirect by connector could leave stream cache to be reused on the connection.
* Add: New Setting (FPHeaders) to determine HTTP headers used for client fingerprint.
* Add: Included logger changes from Igal: Log file time stamp and debug log method
* Upd: Change the default log file name and extension to BonCodeAJP13Connection[yyyyMMdd].log
* Upd: Internal class cleanup
* Fix: Handle exception when determining Physical Path in case invalid virtual path references are passed

Version 1.0.16 Updates:
* Add: Security to block access to WEB-INF and META-INF path on any site when remote access to Admin is disabled
* Add: installer block WEB-INF and META-INF access automatically using IIS facilities for all websites during automated install

Version 1.0.15 Updates:
* Upd: For CF10 remove packet size setting from AdobeMode operation. Now using default tomcat packet size. If you used with CF10 please remove the packetSize attribute in tomcat server.xml before applying this version.
* Fix: SSL Key size transfer in HTTP Attributes used wrong data type
* Fix: Handle Tomcat bug that would result in packets being sent after tomcat already had declared end of transmission (EndResponse)
* Add: Workaround for Tomcat Bug that would introduce null data

Version 1.0.14 Updates:
* Add: display more error details when processing call on localhost vs remote
* Add: installer display warning if there is an installer.settings file and the setup is started interactively by user
* Fix: UTF-8 headers in URi would not transfer correctly
* Add: error handling when ColdFusion 10 tomcat instance sends zero byte packages
* Add: detect log file contention when multiple connector instances are running
* Add: Setting LogFile to specify a different log file name from default

Version 1.0.13 Updates :
* Add: secure Adobe CF10 CFIDE admin paths when setting EnableRemoteAdmin is set to False

Version 1.0.12 Updates :
* Fix: installer iteration of web sites would duplicate site names
* Add: Support Windows 8 / Windows Server 2012
* Add: Support for .net 4 / .net 4.5
* Add: installer detect if .net framework 4/4.5 is installed and skip .net 3.5
* Add: installer detect if Windows 8 / Server 12: install .net 4.5 feature/extensibility/asp.net
* Add: installer add default documents on IIS7/IIS8 for selected handlers (index.jsp/index.cfm)
* Add: installer expanded uninstall to remove additional configuration and features

Version 1.0.11 Updates:
* Fix: IIS request timeout before tomcat timeout would leave data in tcp stream cache that would be displayed in next connection when using connection pool
* Fix: Exposing ColdFusion 10 Webservices calls (cfc remoting) caused packet order error and IIS exception
* Add: Added setting (EnableClientFingerPrint) for simple client fingerprinting calculations, result in HTTP header xajp-clientfingerprint

Version 1.0.10 Updates:
* Fix: Handle exception thrown when required protocol information is not supplied by client
* Upd: Logging format changes. Reshuffled log levels. Added HTTP Headers explicit logging (3)
* Upd: Update to Manuals
* Add: Do not add prefix to inbound Uri if the specified prefix is already at the beginning of Uri

Version 1.0.9 Updates:
* Fix: Adobe PathRequest packets for absolute paths and relative path that are different from document path
* Upd: Update Manuals
* Upd: Remove duplicate HTTP headers
* Add: Support for Adobe ColdFusion 10 file upload data packet order
* Add: Support for AllowPartiallyTrustedCaller in the .net assembly so connector can be run with restricted permissions
* Add: Support for EMC Documentum chunked file transfers
* Add: retranslate header names and cases from IIS standard to original client supplied (RAW) format when possible

Version 1.0.8 Updates:
* Fix: More Adobe ColdFusion 10 release version adjustments, added setting to switch into Adobe mode
* Upd: Update Manuals



Manual Installation instructions are in the PDF within the project download package.

Using automated installer contained in package is recommended though.

As usual any feedback is appreciated.

Recent Blog Entries:

Last Update:

Version 1.0.26 Updates:
* Add: Flushing priority. When both time and byte flushing are specified, we will first wait for time, then use either time or byte markers
* Add: Setting DocRoot for manual HTTP x-tomcat-docroot override, in cases where Tomcat is running on Linux
* Add: Block client HTTP headers that match connector generated HTTP headers


.net framework 3.5
IIS 5.1, 6, 7, 7.5, 8, 8.5 (Windows XP through Windows 2008r2)
tomcat 5,6,7, or 8

Lucee application server or Adobe ColdFusion

Issue Tracker:

64 Gateway: Generic Connector Communication Error Open 05/04/16 3:55 AM
63 how to configure iis deel with statistic source ,tomcat deal with the others Closed 01/27/16 5:44 AM
62 Export to csv Closed 01/06/16 5:51 PM
61 Add setting for DocRoot override Fixed 01/06/16 5:50 PM
60 Doesn't work with HTTP resource. Closed 11/06/15 12:45 PM

View All Issues

To enter issues for this (or any other) project, you must be logged in.

Source Control Access:

This project hosts its source control at an external location: