Hello, I installed the JK connector in IIS 5.0 on Win2K, directing JSP and servlet requests for a certain context to Tomcat 4.1.29, and though it works I can't access the Tomcat resources (JSPs and servlets) anonymously. In fact, the way IIS's "directory security" is involved is something of a mystery. I realize this is a Tomcat forum and not an IIS forum, but their integration is common so perhaps someone here will have some insight.
Some details: I have an IIS virtual directory called "tomcat" pointing to a directory containing the isapi_redirector.dll, and the virtual directory has read and script execute permissions. In "directory security" for this virtual directory I have "anonymous access" checked. When I request a servlet or JSP, I get a "403 - Access denied" error. If I also check "Integrated Windows authentication" in directory security, then when I request a servlet or JSP the browser (IE) asks for a userid, password, and domain (obviously NTLM auth going on here) and if I supply valid credentials I can then access the resource. So, somehow these security settings for the virtual directory affect access to the JK connector, but how? Why does it aknowledge the request for "Integrated Windows authentication" but ignore the request for "Anonymous access"? Also, I can actually documents from the virtual directory without auth being invoked. For example, if I turn on "directory browsing" for this virtual directory, I can browse its contents via the browser with no problem and no authentication. If I add "foo.txt" to the directory I can retrieve that file, and if I add "foo.html" I can view that page. If, however, if I request the isapi_redirector.dll file itself, I get the authentication box. I've fiddled with the security settings for the DLL itself, granting "Everyone" read/execute access, but still no luck. Any ideas? Thanks! David A. Ventimiglia DSSG Wells Fargo Bank 415-222-6707 [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
