Ranier,
Again, thanks for the reply below. Apparently I do not have something setup
correctly because I cannot get a LOG file created when I execute a single
request that is a valid login ID. I'm sure I've setup something incorrectly
and any help/direction would be greatly appreciated.
Here are my settings in the following files (server.xml,
isapi_redirect.properties file, uriworkermap.properties file and
workers.properties file):
Server.xml:
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more
named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector port="9080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
tomcatAuthentication="false" />
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Standalone" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="localhost">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- The request dumper valve dumps useful debugging information about
the request and response data received and sent by Tomcat.
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
-->
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
-->
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log." suffix=".txt" pattern="common"
resolveHosts="false"/>
-->
</Host>
</Engine>
</Service>
In my isapi_redirect.properties file:
# Configuration file for the Jakarta ISAPI Redirector
# The path to the ISAPI Redirector Extension, relative to the website
# This must be in a virtual directory with executive privileges
extension_uri=/jakarta/isapi_redirect.dll
# Full path to the log file for the ISAPI Redirector
log_file=c:\server\Tomcat 6.0\logs\iisapi.log
# Log level (debug, info, warn, error or trace)
log_level=trace
# Full path to the workers.properties file
worker_file=c:\server\Tomcat 6.0\conf\workers.properties
# Full path to the uriworkermap.properties file
worker_mount_file=c:\server\Tomcat 6.0\conf\uriworkermap.properties
In my uriworkermap.properties file:
# uriworkermap.properties - IIS settings from
http://onjava.com/pub/a/onjava/2002/12/18/tomcat.html?page=2
#
# This file provides sample mappings for example wlb
# worker definted in workermap.properties.minimal
# The general syntax for this file is:
# [URL]=[Worker name]
/examples/*=scmisWorker
/examples/*.jsp=scmisWorker
/examples/servlet/*=scmisWorker
#/admin/*=wlb
#/manager/*=wlb
#/examples/*=wlb
#/servlets-examples/*=wlb
# Optionally filter out all .jpeg files inside that context
# For no mapping the url has to start with exclamation(!)
#!/servlets-examples/*.jpeg=wlb
#
# Mount jkstatus to /jkmanager
# For production servers you will need to
# secure the access to the /jkmanager url
#
#/jkmanager=jkstatus
In my workers.properties file:
# workers.properties from =
http://onjava.com/pub/a/onjava/2002/12/18/tomcat.html
#
# This file provides minimal jk configuration properties needed to
# connect to Tomcat.
#
# The workers that jk should create and work with
#worker.list=wlb,jkstatus
worker.list=scmisWorker
#
# Defining a worker named ajp13w and of type ajp13
# Note that the name and the type do not have to match.
#
#worker.ajp13w.type=ajp13
#worker.ajp13w.host=localhost
#worker.ajp13w.port=8009
worker.scmisWorker.port=8009
worker.scmisWorker.host=localhost
worker.scmisWorker.type=ajp13
#
# Defining a load balancer
#
#worker.wlb.type=lb
#worker.wlb.balance_workers=ajp13w
#
# Define status worker
#
#worker.jkstatus.type=status
-----Original Message-----
From: Rainer Jung [mailto:rainer.j...@kippdata.de]
Sent: Thursday, May 20, 2010 3:55 PM
To: Tomcat Users List
Subject: Re: Question on workers.properties file
Hi André, Melinda and everyone else,
On 20.05.2010 14:31, André Warnier wrote:
> savoym wrote:
> I Rainer Jung is around, he may tell us if my assumptions are correct,
> that IIS+redirector also sends the IIS user-id to Tomcat, if there is any.
>
> If not, then tonight I might be able to send you a servlet filter to
> dump the HTTP headers of the requests sent by IIS to Tomcat, to see if
> there is a user-id in there somewhere. Unless you have already checked
> that ?
I checked before my original reply and it seems the IIS variable
"AUTH_USER" is automatically forwarded by the isapi plugin. When setting
tomcatAuthentication="false" on the AJP connector (!), the value can be
retrieved by the getRemoteUser() method.
I would set the log level of the redirector to "trace" on an idle test
environment and then do a single request there that is expected to be
authenticated. The log lines in the redirector log should tell us, what
is actually being forwarded (lots of log lines, but lots of info too).
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
The information contained in this message and any attachments is intended only
for the use of the individual or entity to which it is addressed, and may
contain information that is PRIVILEGED, CONFIDENTIAL, and exempt from
disclosure under applicable law. If you are not the intended recipient, you
are prohibited from copying, distributing, or using the information. Please
contact the sender immediately by return e-mail and delete the original message
from your system.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
