Iis – How to configure IIS to send JSP requests to Tomcat

iistomcat

I have a web application written mainly in JSP and servlet. I use Tomcat 7.0.26 as my application server. I want this application to run via IIS, though I can run it using Tomcat.

By searching the Web, I learned that I have to map index.jsp to the IIS script directory in such a way that when the IIS server receives a JSP request, it forwards that request to the Tomcat server.

How do I configure this behavior?

Best Answer

Check this howto: http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html

Related Solutions

Tomcat – JSP / Tomcat / Apache setup overview on Fedora Core

Yes, most often Tomcat is chained to a webserver such as httpd, communicating via the ajp protocol. httpd is not capable of functioning as a servlet container and compiling JSP's, but Tomcat has poor performance serving static content (such as images) over HTTP. By chaining the two together, you get the best of both worlds. For development, most people don't care too much about Tomcat's static content performance so they go directly to port 8080.

For development on Fedora (if you want to test fronting Tomcat):

install the httpd package
install the tomcat6 package
Edit /etc/httpd/conf.d/proxy_ajp.conf and uncomment/create an appropriate ProxyPass line
Drop your .war into /var/lib/tomcat6/webapps/

For production on Fedora:

install httpd and tomcat6 packages
install mod_jk (you may need to download and compile this from the Tomcat website)
configure mod_jk per its documentation

(YMMV on whether Fedora's upgrade cycle is too quick for a production server)

Ssl – How to configure Apache/Tomcat to trust internal Certificate Authorities for server-to-server https requests

I assume that you have already exported the CA certificate to a file, such as "internal-ca.pem". Also, I assume that it is Tomcat who initiates the SSL connection to the IIS server.

You ~~can~~ must use the Java keytool to import the certificate into the Java keystore that is being used by your Tomcat engine. The keystore for CA certs is $JAVA_HOME/jre/lib/security/cacerts. So to import your new internal-ca.pem certificate into this keystore, you would use:

$JAVA_HOME/bin/keytool -importcert \
  -keystore $JAVA_HOME/jre/lib/security/cacerts \
  -file /path/to/internal-ca.pem  \
  -trustcacerts -alias internal-ca-1

The default password for the keystore is: changeit

Verify that your cert is in the keystore:

$JAVA_HOME/bin/keytool -list \
  -keystore $JAVA_HOME/jre/lib/security/cacerts -v | less

Test the connection to the server:

openssl s_client -CAfile /path/to/internal-ca.pem -connect server:port

This should give you, near the end of its output:

Verify return code: 0 (ok)

If you want to test the trust from within Tomcat, you will have to write some test code to do it. Sorry, I don't know any Java. :-)

Best Answer

Related Solutions

Tomcat – JSP / Tomcat / Apache setup overview on Fedora Core

Ssl – How to configure Apache/Tomcat to trust internal Certificate Authorities for server-to-server https requests

Related Topic