Search This Blog

Monday, January 31, 2011

IIS7 and tomcat– basic setup

Every now and again I have to setup IIS and tomcat, this usually involves a gap of a year or so, so for my own sanity I have made some notes on how it sits together. Most of the issues involve jumping IIS versions.

I am assuming that the tomcat service is configured correctly, and I will only detail the tomcat to IIS setup.

We must download the ISAPI_rediect.dll ISAPI filter for IIS. ensure you have the correct version for your architecture (x86/x64).

Extract the files into a location on the webserver, you will pointing a virtual directory at this location further on.

I love diagrams as it helps me visualise what is going on. So I have drawn a diagram to aid this



To get tomcat and IIS communicating we have to load an isapi filter into IIS that will handle the communications.

In my example I will be applying the isapi filter to a specific website in IIS, however you could if you wish add it at the server level and it will handle all sites within IIS.

First we have to tell IIS to allow the ISAPI filter. This is down at the server level within the ISAPI and CGI Restrictions.


Ok so now we go the site we want to allow the ISAPI filter to run on. And go to the ISAPI filters.


While still in the website in IIS, we need to add a virtual directory called Jakarta and point it to the path of isapi_redirect.dll.


Now click on the virtual directory and go to Handler Mappings,  click “Edit Feature Permissions” and check “execute”

Ok so we have configured IIS. We now have to configure the properties files that are used by the dll.

Now the redirector can utilise the registry or configuration files. I will cover the config files as this allows you to run multiple redirectors with various configs.

Now in the same folder there should be a file called This file provides the filter with its initial config.
It gives the virtual directory location of the DLL withiin the website.

logfile location and log level
# Full path to the log file for the ISAPI Redirector
log_file=<physical path>\logs\isapi_redirect.log

# Log level (debug, info, warn, error or trace)

And the path to a couple of other properties files

# Full path to the file
worker_file=<physical path>\conf\

# Full path to the file
worker_mount_file=<physical path>\conf\
rewrite_rule_file=<physical path>\conf\

As you can see I have placed the config files into a subfolder conf and the logs in logs folder, but they can exist anyway really.

So the dll uses this initial config file to provide further setup details.
I will ignore the file as I don’t use it, but it basically allows you to rewrite the url.
This file tells the extension (isapi_redirect.dll) what constitues a valid request to pass to tomcat. In my case I want everything sent to the website


So the wildcard means send everything to worker1. No whats worker1?

The worker is the process that actually communicates to the tomcat process. The file contains the setup for the worker processes. I have only one called worker1 and it set up to call tomcat using ajp13 on port 8009 (usual port).


The worker will send the request to tomcat and then handle the response back to IIS.

Once these have all been configured, ensure the tomcat process is running. Restart the website in IIS and everything should work.

I reference these blogs/pages which provide further excellent info.


Thursday, January 27, 2011

windump (the windows version of tcpdump (linux)

I have had to look at some networking issues, and have found a great utility for the windows environment.

Its exactly the same as tcpdump for linux.

However to get this working you will need WinPcap

Once installed this is a great tool to watch network traffic.

You can specify IP addresses, subnets, ports, interfaces and combinations of. I provide a few examples, but the documentation is great. And as I said its the equivalent of tcpdump, so commands should work the same.

Watch a particular subnet
windump -n net mask

Watch a particular IP and port
windump -n host and tcp port 443

Watch two particular IPs
windump -n host or host

Watch a two particular IPs on ports 80 and 443
windump -n (host and (tcp port 80 or 443)) or (host and (tcp port 80 or 443))

List interface and numbers. You need the number to specify an interface to listen on.
windump –D

Watch a particular IP on a particular interface.
windump -i 4 -n host

To exclude parameters just append with an exclamation

Watch a particular IP and all traffic except on a specific port

windump -n host and tcp port !443


Thursday, January 13, 2011

Running Powershell script from command line

Recently I had to try and schedule some PowerShell scripts. However running the script proved difficult.

Searching the web I found many references indicating the issue was because of spaces in the path of the script. The solution was to use the ampersand .

powershell.exe &'c:\my scripts\test.ps1'

However this did not work. It would just open the PS prompt. In the end I eventually found the solution was this

powershell.exe “&'c:\my scripts\test.ps1'”

Now I believe it works because of the way parameters are split and passed to PowerShell. See this article.

Further references.!5A8D2641E0963A97!6058.entry