There's an extra step you must perform when connecting IIS 6 to Tomcat
via the ISAPI redirector.dll. For our installation it was necessary
since we wanted NTLM authentication, but since you're using basic, it
may be related. (I seem to recall that IIS -> tomcat worked when there
was no authentication, but I'm not certain about that).
After step 8 on
http://tomcat.apache.org/connectors-doc/webserver_howto/iis.html#Configuring%20the%20ISAPI%20Redirector
You must also do the following:
+Using the IIS management console, add the Jakarta Isapi Redirector to the Web
+Service Extensions.
+<ol>
+<li>Right-click on Web Service Extensions and choose Add a new Web Service
+Extension.</li>
+<li>Enter tomcat for the Extension Name.</li>
+<li>Add the isapi_redirect.dll to the required files.</li>
+<li>Check the Set extension status to Allowed.</li>
+<li>Click on OK.</li>
+</ol>
+</li>
+<li>
Matthew Emerson wrote:
Hello,
I have recently ported a tomcat-based application from using IIS 5.1 to
using IIS 6.0, and I am seeing an interesting change in the IIS
configuration that I hoped someone could explain.
I have an application where I want a subset of the URLs to go through
Basic Authentication and the rest not to. In this case, I want all URLs
under /application/foo to require Basic Authn.
Original Environment:
MS Windows XP Pro 2002 SP2
IIS Version 5.1
Tomcat 5.5 with the associated ISAPI redirect.dll.
Under IIS, I have created a directory structure like this,
/Default Web Site/
/jakarta/ (maps to the ISAPI filter, no Basic Authn enabled)
/application/ (no Basic Authn enabled)
/application/foo (Basic Authn enabled)
All of this works fine, and the set-up supports SSL and Basic Authn
appropriately.
Upgraded Environment:
MS Windows Server 2003 R2
IIS 6.0
Tomcat 5.5 with associated ISAPI redirect dll.
In this environment, I set-up a similar folder structure (including
security), but the only way I could get everything to work properly is
to turn on both Anonymous and Basic Authn for the jakarta directory. If
I just turned on Basic Authn, then Basic Authn would be enforced for
requests that should have just been anonymous, and if I turned on just
anonymous, then requests requiring Basic Authn would fail with a 401.2
error. This was not the case if I turned on Basic Authn for a folder
that mapped to a directory on the system.
Does anyone understand why this additional configuration was necessary
in IIS 6.0 and not IIS 5.1?
Thanks for any help you can provide,
Matt
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
