problem using IIS 6 with mod_jk and Tomcat/JBoss

Question

User67910916 posted

 I have two separate environments setup (dev and staging).  Dev is fine and staging is having the problem.

 In my dev envmt, I have successfully configured/setup IIS 6 on windows 2003 server (VM) with mod_jk ISAPI redirector dll (isapi_redirect-1.2.26.dll) and JBoss 4.2 (Tomcat 6).  In this case, the IIS6 and JBoss AS are on one VM and another VM has another instance of JBoss AS running.  But I am able to successfully run the app hitting the other Jboss AS box (the one w/o the IIS on it).  This is perfect.

 The goal here is to setup a 2 node horz JBoss cluster with two IIS6 servers and two JBoss server and Windows NLB with mod_jk for load balancing and failover b/n IIS6 and Tomcat/JBoss.

 We are using NTLM authentication with our JEE (JBoss Seam) application.  In the IIS manager, default web site properties, authentication methods config box, I am using enable anonymous access (authenticated access checkboxes are all unchecked).  This works fine in dev.  This config breaks the app (page cannot be displayed error) when I uncheck enable anon access and check integrated windows access.  Our .NET apps use the latter setup.

 In the staging IIS6, when I use enable anon access, and create an appropriate new local user with pswd, I am not able to use the same app.  It's not the code as the EAR is the same, it's not the db as it works fine with Apache httpd in staging.

 The root cause is somewhere in IIS config we think in staging.  One difference is that in dev I have Default Web Site and jakarta virtual directory.  In staging I have Cox.Apps instead of Default Web Site with jakarta virtual directory underneath that and other .NET 1.1 and 2.0 apps underneath that as well.  I've tried even installing JBoss AS on the IIS6 box in staging to simplify things and that doesn't work either.

 Sorry for the long post but plz shed some light on this as we're considering using Apache now.  There are no erros in the event viewer's application, system, or security log, no errors in mod_jk log, and no errors in JBoss server.log.

 I used this document from JBoss to setup the envmts: http://www.jboss.org/community/docs/DOC-12526

Note that the seam-booking example app *does work in both envmts* but it is not using NTLM authentication.  All our apps will be using NTLM for now and possibly Kerberos in the future.

This has been *very* difficult to track down and Apache performs much faster than IIS anyways.  Plz help.  thx.

Answer 1

User67910916 posted

As a side note, I have tried isapi_redirect-1.2.27.dll but am getting error when I restart W3SVC-WP (00 02 00 00).  There is a red down arrow after restart and refresh in IIS mgmt console.  I saw another thread on this forum regarding this.

Even though 1.2.27 has some IIS-related fixes, it's not the root cause b/c I'm using 1.2.26 in dev and it works fine...

Answer 2

User-1796730883 posted

Hi,

This thread may helps you.

http://forums.iis.net/t/1133120.aspx

Regards

Answer 3

User67910916 posted

 hi Andrew,

 thx for your response.  i tried tweaking some file permissions and user/groups but it does not work with anonymous access or integrated windows access.  But now I know that it's better to go with Apache httpd with mod_jk and JBoss/Tomcat as Jboss doesn't support IIS and there are few ppl apparently using IIS w/ Tomcat/JBoss...

 Can you plz explain why one would use anon access or integrated windows access with NTLM (our apps use NTLM with JCIFS jar).  what is the adv/disadv of one over the other if you app is inside the firewall and is meant for internal corporate users?  

Answer 4

User531229186 posted

 Please hw did you install ur mod_jk

did u get the binary version? or the zipped one