aspose file tools*
The moose likes JForum and the fly likes IIS, Tomcat and SSO Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JForum
Bookmark "IIS, Tomcat and SSO" Watch "IIS, Tomcat and SSO" New topic
Author

IIS, Tomcat and SSO

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
We have a website that runs on IIS and we are trying to integrate JFourm into it. I've already set up a connector and was able to access Tomcat sites through IIS. I tried using SSO, but the problem is that requset.getRemoteUser() always returns null.

Supposedly all that is needed is that the user logs in the site, and when the user accesses JForum it automatically creates the user if his or her username does not exist, or logs the user in if an account has already been created, right?

Hope this gets clarified... somewhat new concepts for me @_@
[originally posted on jforum.net by suaveh]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Managed to make it work though passing cookies. A slight problem though... the username that gets passed uses "+" for spaces. Weird ~_~;;;
[originally posted on jforum.net by suaveh]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Also... Is it possible to do this without passing cookies?
[originally posted on jforum.net by suaveh]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Dont' know.. never tried to integrate to IIS.. sorry.

If you tell me how did you configurated IIS to talk to Tomcat, I can try to use it here.

Also, provide some information about your configurations and etc, so I can have a scenario like yours.

Rafael
[originally posted on jforum.net by Rafael Steil]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Basically this...

http://tomcat.apache.org/connectors-doc/index.html

and the binary I used for Win 2k was this...

http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/win32/jk-1.2.15/isapi_redirect.msi

I just installed it and edited the conf/uiworkermap.properties file in the installation directory to include which contexts I want the user to have access.

But...

I just did a new implementation that does not need this anymore... hehe...

What I did was pass a parameter (or attribute? dunno the proper term) by editing the link that connects to JForum, then I edited index.htm so it would be able to pass the parameter to the next page since index.htm is the "entry point", so to speak. ;)



I remaned index.htm to index.jsp and edited web.xml to access it instead when the context is entered. And then I added this line:



sessionID was the variable I needed... change it to what you need passed ;)
[originally posted on jforum.net by suaveh]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Ok, I'll take a look.

Rafael
[originally posted on jforum.net by Rafael Steil]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi suaveh,

would you be able to give me an example of your uriworkermap.properties file? I have tried everything to get the IIS and Tomcat to work togeather, but to no avail.

any help tips, or tricks would be much appreciated.

Thanks.

Lachlan
[originally posted on jforum.net by hendinas]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Here's some instructions I wrote up for our net admins to do this sort of installation for TC 5.5 and IIS 6.0.
------------

Getting IIS act as a front end to Tomcat using the JK2 connectors.

Tomcat 5.5
==========

Setting up Tomcat to Automatically Create a uriworkers

1) In the Tomcat conf directory, create the jk and auto subdirectories (if needed)

2) Copy workers.properties.minimal into jk directory as workers.properties (if needed)

3) In the server.xml, <SERVER....> .. </SERVER> section, add the following Listener:

<Listener className="org.apache.jk.config.IISConfig" noRoot="true" jkWorker="ajp13w"/>

4) In the server.xml, <HOST....> .. </HOST> section, add the following Listener:

<Listener className="org.apache.jk.config.IISConfig" noRoot="true" jkWorker="ajp13w" append="true"/>

Note: Listener lines in 3 and 4 are not identical!

It's not a bad idea to verify the your server.xml contains a JK connector like:

<Connector port="8009" <br /> enableLookups="false" redirectPort="8443" protocol="AJP/1.3" <br /> maxThreads="500" minSpareThreads="25" <br /> maxSpareThreads="75" acceptCount="1000" <br /> tomcatAuthentication="true" <br /> <br /> (Note this one's been tweaked for more threads and may be different than your requirements). <br /> <br /> Testing <br /> <br /> Restart the Tomcat service... <br /> <br /> Wait about 1-2 minutes, then verify that the conf/auto/uriworkermap.properties <br /> file has a line close to the top about default.worker=ajp13w in it and that <br /> there are mappings for the Tomcat contexts in it. <br /> <br /> If the IIS server is on a different computer, copy the uriworkermap.properties <br /> to the location configured for the remote IIS server (See Step 3 of Default Instance <br /> Install below about defining the location of this file. <br /> <br /> <br /> IIS Server <br /> ========== <br /> <br /> This section covers how to set up an IIS 6.0 server to be the front end for <br /> Tomcat using the Apache.org Jakarta IIS ISAPI_Redirect software. <br /> <br /> You will need the latest version of the isapi_redirect*.exe install file from <br /> either http://tomcat.apache.org/ or the release repository. <br /> <br /> Install the Default Web Instance <br /> <br /> This process needs to be done even if you are not planning to have the default <br /> IIS instance use Tomcat. The ISAPI filter can be removed from the default <br /> server if desired. <br /> <br /> 1. Run the install program to set up the basic software and automatically add <br /> it to the default IIS server instance. The install directory should be on the <br /> data drive, e.g. e:\ Jakarta Isapi Redirector <br /> <br /> 2. Copy the isapi_redirect.properties file, from the root of the install <br /> directory to the bin subdirectory. <br /> <br /> 3. Open this file in a text editor and change the settings to point to the <br /> conf/jk/workers.properties file and the conf/auto/uriworkermap.properties files <br /> in the tomcat directory. (uriworkermap may not exist if you haven't restarted TC) <br /> <br /> 4. Change IIS Service mode to 5.0 Isolation (Right click on Web <br /> Sites/Properties/Service) <br /> <br /> Some Internet Notes: <br /> <br /> The first extra step to get things to work in IIS 6.0 is to turn on "IIS 5.0 <br /> Isolation mode." (In the management console go to: Web Site Properties ->
Service -> Isolation Mode - see diagram).

Please note that turning on this "isolation mode" more than likely disables some
of the additional functionality added to IIS in the 5 -> 6 upgrade. Hopefully in
the future, a JK Connector (Jakarta ISAPI Redirector) will be developed that
work with IIS outside of this "isolation mode."

Note: Magesh Chandramouli informed me that he was able to configure IIS to use
the JK Connector without having to put IIS into Isolation Mode:

I didn?t have to do the step #1 (IIS on isolation mode). I did step #2 and
I created an application pool for the "Jakarta". Restarted the webserver
and everything works as expected.

5. Add the isapi_redirect.dll as an allowed web extension.

To do this, go to the management console. Click on "Web Services Extensions."
Choose "Add a new Web service extension." Enter an extension name along the
lines of "Jakarta-Tomcat." Then check the checkbox for "Set extension status to
Allowed." Then click the "Add" button, enter the path to isapi_redirect.dll and
press "OK"

Setting Up Additional IIS Instances

This covers how to add the ISAPI filters to an IIS instance that is not the
default one. It assumes that the steps above have been done.

1. Create a ?jakarta? virtual directory in the root of the IIS Web Server
instance that points to the <Jakarta ISAPA Redirector>\bin directory (e.g. the
URL /jakarta should point to e:\jakarta_isapi\bin).

2. In the properties of this virtual directory do the following

a. Virtual Directory Tab: i. Script source access should be checked ii. Read
should be checked iii. Application name should be Jakarta iv. Execute and
permissions should be Scripts and Executables.

3. Open the Web Site instance properties and do the following:

a. Select the ISAPI Filter tab b. Click on Add c. Browse to the <Jakarta ISAPA <br /> Redirector>\bin directory and select the isapi_redirect.dll

Testing

Restart the World Wide Web Publishing Service (via Services Applet) and verify
that the ISAPI filter is started in the Web server instance properties. (Note
ISAPI filters in 6.0 may have an *unknown* status until the first request come
into the server...)

Then try to access your web-apps from IIS.

If there are problems, check the log file. Check that IIS will send normal HTML
files (e.g. a test.html in the root directory). Recheck that the ISAPI filter
has a valid status.

[originally posted on jforum.net by monroe]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Thanks monroe,

ive now got the IIS redirecting to tomcat, but all tomcat wants to do is serve me the /jakarta/isapi_redirect.dll, which it couldnt find.

very frustrating!!

EDIT: Got it working!! woo hoo
[originally posted on jforum.net by hendinas]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: IIS, Tomcat and SSO