Search This Blog

Monday, January 31, 2011

IIS7 and tomcat– basic setup

Every now and again I have to setup IIS and tomcat, this usually involves a gap of a year or so, so for my own sanity I have made some notes on how it sits together. Most of the issues involve jumping IIS versions.

I am assuming that the tomcat service is configured correctly, and I will only detail the tomcat to IIS setup.

We must download the ISAPI_rediect.dll ISAPI filter for IIS. ensure you have the correct version for your architecture (x86/x64).

http://apache.mirror.aussiehq.net.au//tomcat/tomcat-connectors/jk/binaries/

Extract the files into a location on the webserver, you will pointing a virtual directory at this location further on.

I love diagrams as it helps me visualise what is going on. So I have drawn a diagram to aid this

image

IIS

To get tomcat and IIS communicating we have to load an isapi filter into IIS that will handle the communications.

In my example I will be applying the isapi filter to a specific website in IIS, however you could if you wish add it at the server level and it will handle all sites within IIS.

First we have to tell IIS to allow the ISAPI filter. This is down at the server level within the ISAPI and CGI Restrictions.

image

Ok so now we go the site we want to allow the ISAPI filter to run on. And go to the ISAPI filters.

image

While still in the website in IIS, we need to add a virtual directory called Jakarta and point it to the path of isapi_redirect.dll.

image

Now click on the virtual directory and go to Handler Mappings,  click “Edit Feature Permissions” and check “execute”

Ok so we have configured IIS. We now have to configure the properties files that are used by the dll.

Now the redirector can utilise the registry or configuration files. I will cover the config files as this allows you to run multiple redirectors with various configs.

Now in the same folder there should be a file called isapi_redirect.properties. This file provides the filter with its initial config.

isapi_redirect.properties
It gives the virtual directory location of the DLL withiin the website.
extension_uri

logfile location and log level
# Full path to the log file for the ISAPI Redirector
log_file=<physical path>\logs\isapi_redirect.log

# Log level (debug, info, warn, error or trace)
log_level=info

And the path to a couple of other properties files

# Full path to the workers.properties file
worker_file=<physical path>\conf\workers.properties.minimal

# Full path to the uriworkermap.properties file
worker_mount_file=<physical path>\conf\uriworkermap.properties
rewrite_rule_file=<physical path>\conf\rewrites.properties

As you can see I have placed the config files into a subfolder conf and the logs in logs folder, but they can exist anyway really.

So the dll uses this initial config file to provide further setup details.

rewrites.properties
I will ignore the rewrites.properties file as I don’t use it, but it basically allows you to rewrite the url.

uriworkermap.properties
This file tells the extension (isapi_redirect.dll) what constitues a valid request to pass to tomcat. In my case I want everything sent to the website

/*=worker1

So the wildcard means send everything to worker1. No whats worker1?

workers.properties.minimal

The worker is the process that actually communicates to the tomcat process. The workers.properties.minimal file contains the setup for the worker processes. I have only one called worker1 and it set up to call tomcat using ajp13 on port 8009 (usual port).

worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009

The worker will send the request to tomcat and then handle the response back to IIS.

Once these have all been configured, ensure the tomcat process is running. Restart the website in IIS and everything should work.

I reference these blogs/pages which provide further excellent info.

http://jspors.blogspot.com/2009/01/setting-up-64-bit-tomcat-6-on-iis7.html

http://tomcat.apache.org/connectors-doc/reference/iis.html

http://apache.mirror.aussiehq.net.au//tomcat/tomcat-connectors/jk/binaries/


Share/Bookmark

Thursday, January 27, 2011

windump (the windows version of tcpdump (linux)

I have had to look at some networking issues, and have found a great utility for the windows environment.

Its exactly the same as tcpdump for linux.

http://www.winpcap.org/windump/

However to get this working you will need WinPcap

http://www.winpcap.org/default.htm

Once installed this is a great tool to watch network traffic.

You can specify IP addresses, subnets, ports, interfaces and combinations of. I provide a few examples, but the documentation is great. And as I said its the equivalent of tcpdump, so commands should work the same.

Watch a particular subnet
windump -n net 192.168.11.0 mask 255.255.255.0

Watch a particular IP and port
windump -n host 192.168.1.226 and tcp port 443

Watch two particular IPs
windump -n host 192.168.11.10 or host 192.168.1.226

Watch a two particular IPs on ports 80 and 443
windump -n (host 192.168.11.10 and (tcp port 80 or 443)) or (host 192.168.1.226 and (tcp port 80 or 443))

List interface and numbers. You need the number to specify an interface to listen on.
windump –D

Watch a particular IP on a particular interface.
windump -i 4 -n host 192.168.17.35

To exclude parameters just append with an exclamation

Watch a particular IP and all traffic except on a specific port

windump -n host 192.168.1.226 and tcp port !443


Share/Bookmark

Thursday, January 13, 2011

Running Powershell script from command line

Recently I had to try and schedule some PowerShell scripts. However running the script proved difficult.

Searching the web I found many references indicating the issue was because of spaces in the path of the script. The solution was to use the ampersand .

http://technet.microsoft.com/en-au/library/ee176949.aspx

powershell.exe &'c:\my scripts\test.ps1'

However this did not work. It would just open the PS prompt. In the end I eventually found the solution was this

powershell.exe “&'c:\my scripts\test.ps1'”

Now I believe it works because of the way parameters are split and passed to PowerShell. See this article.
http://poshoholic.com/2007/09/27/invoking-a-powershell-script-from-cmdexe-or-start-run/

Further references.
http://keithhill.spaces.live.com/blog/cns!5A8D2641E0963A97!6058.entry


Share/Bookmark