I have successfully gotten Tomcat 8 to work with IIS 8.5 using these
directions: https://tomcat.apache.org/connectors-doc/reference/iis.html
IIS correctly forwards requests to Tomcat to handle and Tomcat correctly
hands the response back to IIS to return to the client. This works over
http and over https.
Now there is a requirement that all traffic should go over ssl, so in IIS I
added the following redirect to C:\inetpub\httproot:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpRedirect enabled="true" destination="<https location of the
site>" exactDestination="false" httpResponseStatus="Found" />
</system.webServer>
</configuration>
The effect of this is that when a client requests a page over http, the
server sends a redirect (302) to the same page over https. This works for
other, non-Tomcat related pages on the site. However, it does not work for
pages that use the ISAPI redirector. When a Tomcat page is requested, the
URL that is returned is
https://<website>/jakarta/isapi_redirect.dll
That is, what seems to be happening is that rather having the ISAPI handler
render the page, the extension_uri value from the registry entry is being
returned to the client.
My questions are:
1) is there a better way to force http -> https in IIS? or
2) if not, is there a way to get IIS/ISAPI to work with a redirect (301 or
302)?
Thanks
Andrew
