Hitachi

uCosminexus Application Server Compatibility Guide

E.1 Microsoft IIS 10.0 settings

This appendix describes how to specify the settings for Microsoft IIS 10.0 when integrating with a Web server using Microsoft IIS.

To integrate a J2EE server with Microsoft IIS:

  1. Install Microsoft IIS and role services

  2. Add the ISAPI and CGI limitations

  3. Add an ISAPI filter

  4. Set the handler mapping

  5. Add a virtual directory

  6. Disable the authentication functionality of the Web server

  7. Set an application pool in the Server node

  8. Set an application pool in the Site node

  9. Set the access permissions for the log output destination directory of the redirector

  10. Start the Web site

    Reference note

    (INTENTIONALLY DELETED)

Organization of this subsection

(1) Installing Microsoft IIS and role services

To use Microsoft IIS, you need to install Microsoft IIS and role services in accordance with your goals. The following shows the procedure for installing IIS and role services:

If Microsoft IIS is already installed and additional role services are necessary, install the role services. (The required role services are described later.)

  1. Start Server Manager.

    (If Server Manager does not start automatically, start it from the startup window.)

  2. From Server Manager, click Add Roles and Features.

  3. After the wizard starts, click Next.

  4. Select Role-based or feature -based installation, and then click Next.

  5. Select the desired server, and then click Next.

  6. From Server Roles, select Web Server (IIS), and then click Next.

    If the message Do you want to add required features to Web Server (IIS)? pops up, select the Include management tools (if applicable) check box, and then click Add Features.

  7. From Select Features, click Next.

  8. From Web Server Role (IIS), click Next, and from Select Role Services, select the minimum role services that you need, as follows, and then click Next.

    • HTTP error

    • Reference directory

    • Existing documents

    • Static contents

    • ISAPI extension

    • ISAPI filter

    • IIS management console

    Add other role services as necessary. In particular, HTTP log and Trace are useful when troubleshooting failures.

  9. Click Install.

  10. Click Close.

    Installation is complete.

To Page Top

(2) Adding the ISAPI and CGI limitations

To add the limitations of ISAPI and CGI:

  1. Start Internet Information Service (IIS) Manager.

    You can start it by selecting Tools and then Server Manager.

  2. In the Features View server, from the Home page, double-click ISAPI and CGI Limitations.

  3. In the ISAPI and CGI Limitations page, under the Actions window, click Add.

  4. In the Add ISAPI or CGI Limitations dialog box, perform the following operations:

    • In ISAPI or CGI Path, specify the DLL (Cosminexus-installation-directory\CC\web\redirector\isapi_redirect.dll) of the redirector.

    • In Description, enter ISAPI.

    • Check the Allow Execution of Extension Path checkbox.

  5. Click the OK button.

    Close the Add ISAPI or CGI limitations dialog box to apply the settings.

To Page Top

(3) Adding an ISAPI filter

To add an ISAPI filter:

  1. In the Features View site, from the Home page, double-click ISAPI Filter.

  2. In the ISAPI Filter page, under the Actions window, click Add.

  3. In the Add ISAPI Filter dialog box, perform the following operations:

    • In Filter Name, enter hitachi_ccfj.

    • In Executable File, specify the DLL (Cosminexus-installation-directory\CC\web\redirector\isapi_redirect.dll) of the redirector.

  4. Click the OK button.

    The Add ISAPI Filter dialog box closes, and the settings are applied.

To Page Top

(4) Setting the handler mapping

To set the handler mapping:

  1. In the Features View site, from the Home page, double-click Handler Mapping.

  2. In the Handler Mapping page, select ISAPI-dll, and then in the Actions window, click Edit.

  3. In the Edit Module Map dialog box, perform the following operations:

    • In the Requested Path, enter *.dll.

    • In Executable File, specify the DLL (Cosminexus-installation-directory\CC\web\redirector\isapi_redirect.dll) of the redirector.

    If the handler mapping is already set, the Edit Script Map dialog box will run; however, the operation contents are the same.

  4. Click the OK button.

  5. In the message dialog box for confirming whether or not to enable the editing of the module map, click the Yes button to enable the ISAPI extension functionality.

  6. In the Handler Mapping page, select ISAPI-dll, and then in the Actions window, click Edit Access Permission of Functionality.

  7. In the Edit Access Permission of Functionality dialog box, check all access permissions including Read, Script, and Execute.

  8. Click the OK button.

    The Edit Access Permission of Functionality dialog box closes, and the settings are applied.

To Page Top

(5) Adding a virtual directory

Add a virtual directory named hitachi_ccfj. To add the virtual directory:

  1. In the Connections window, expand the Site node, and click the site for adding the virtual directory.

  2. In the Actions window, click Display Virtual Directory.

    The Virtual Directory page appears.

  3. In the Virtual Directory page, under the Actions window, click Add Virtual Directory.

  4. In the Add Virtual Directory dialog box, perform the following operations:

    • In Alias, enter hitachi_ccfj.

    • In Physical path, specify the directory in which the DLL (Cosminexus-installation-directory\CC\web\redirector\isapi_redirect.dll) of the redirector is saved.

  5. Click the OK button.

    The Add Virtual Directory dialog box closes, and the settings are applied.

To Page Top

(6) Disabling the Web server authentication functionality

To use the authentication functionality of the Web container, you need to disable the authentication functionality of the Web server, as follows:

The following shows how to disable Active Directory client certificate authentication, digest authentication, Windows authentication, forms authentication, and APS.NET impersonation:

  1. In the Connections window, select Home page, and then double-click Authentication.

  2. In the Authentication window, select Active Directory Client Certificate Authentication. In the Action window, click Disable. (Optional)

  3. In the Connections window, unroll the Site node, and then click hitachi_ccfj.

  4. On the Home page, double-click Authentication.

  5. In the Authentication window, select Forms Authentication. In the Action window, click Disable. (Optional)

    To access the resources managed by the Web container, disable this functionality.

  6. In the Authentication window, select Digest Authentication. In the Action window, click Disable. (Required)

    Be sure to disable digest authentication, regardless of whether the authentication functionality of the Web container is used.

  7. In the Authentication window, select Windows Authentication. In the Action window, click Disable. (Optional)

    Be sure to disable Windows authentication when Basic authentication of the Web container is set.

  8. In the Authentication window, select APS.NET Impersonation. In the Action window, click Disable. (Optional)

    To access the resources managed by the Web container, disable this functionality.

  9. Click OK to close each window.

To Page Top

(7) Setting an application pool in the Server node

To set an application pool in the Server node:

  1. In the Connections window, expand the Server node, and then click Application Pool.

  2. In the Application Pool page, select the application pool to be used, and then in the Actions window, click Detailed Settings.

  3. In the Detailed Settings dialog box, perform the following operation:

    In Maximum Number of Worker Processes#, specify the maximum number of processes for processing requests in Microsoft IIS.

    #

    In this manual, the execution processes of the Web container are also referred to as Worker processes; however, the Worker processes set here are the processes used to process requests in Microsoft IIS.

  4. Click the OK button.

    The Detailed Settings dialog box closes, and the settings are applied.

To Page Top

(8) Setting an application pool in the Site node

To set an application pool in the Site node:

  1. In the Connections window, expand the Site node, and then click the site in which to specify the application pool.

  2. In the Actions window, click Detailed Settings.

  3. In the Detailed Settings dialog box, enter Application Pool.

    In Application Pool, specify the name of the application pool set in (7) Setting an application pool in the Server node.

  4. Click the OK button.

    The Detailed Settings dialog box closes, and the settings are applied.

To Page Top

(9) Setting access permissions for the log output destination directory of the redirector

In the log output destination directory of the redirector, you must add the permission for writing to the execution account of the application pool of Microsoft IIS. Set the access permissions for the log output destination directory of the redirector from Explorer.

Specify the execution account of the application pool in the Detailed Settings dialog box of the application pool, under ID. If the default ID is specified, add the write permission for the IIS_IUSRS group.

The default IDs are as follows:

Note that during new installation, by default, the log output destination directory of the redirector (Cosminexus-installation-directory\CC\web\redirector\logs) does not exist. Therefore, either create the logs directory and set the access permission, or set the access permission for the directory that is one level higher (redirector directory).

Also, when the log output destination directory of the redirector is changed and the specified path exists up to only halfway, either set the access permission for the existing lowermost directory, or create all directories corresponding to the specified path and set the access permission for the lowermost directory.

To Page Top

(10) Starting the Web site

To start the Web site of Microsoft IIS:

  1. In the Connections window, expand the Site node, and then click the site to be started.

  2. In the Actions window, click Start. If the site is already started, click Restart.

    The Web site either starts or is restarted.

To Page Top

(11) Notes

This appendix describes the notes on setting Microsoft IIS.

(a) Notes on replication of configuration settings in multiple environments

In Microsoft IIS, you can save the configuration settings in the web.config file. Also, based on the saved web.config file, you can replicate the configuration settings in multiple environments using xcopy.

However, for a configuration environment in which the redirector is used, you cannot set the redirector when replicating the settings in multiple environments using xcopy. Even when you specify the same configuration settings for multiple environments using xcopy, set the redirector manually in each environment.

(b) Notes on customizing the error page

If you have specified the settings for returning a custom error page in the error page of Microsoft IIS, the customization of the error page by the <error-page> tag of web.xml might be disabled. If you want to enable the customization of the error page by the <error-page> tag of web.xml, disable the settings of custom error page in the error page of Microsoft IIS.

(c) Points to be noted when using along with other filters

If Microsoft IIS receives requests that are to be forwarded to the Web container, the Redirector for Microsoft IIS changes the request URL information to be used in the ISAPI filter. Therefore, the request URL received by Microsoft IIS cannot be retrieved in the ISAPI filter if the ISAPI filter is executed after the Redirector for Microsoft IIS. Accordingly, you must make the settings in such a way that the filter is executed before the Redirector for Microsoft IIS, and the filter can retrieve the URL requests received by Microsoft IIS. To change the execution order, you can set the execution priority of the Redirector for Microsoft IIS by setting the value of the filter_priority key in the isapi_redirect.conf file (Operation Definition file of the Redirector for Microsoft IIS) to "Medium" or "Low". For details on the filter_priority key of the isapi_redirect.conf file (Operation Definition file of the Redirector for Microsoft IIS) see 14.2.1 isapi_redirect.conf (Redirector action definition file for Microsoft IIS).

To Page Top

Trademarks

All Rights Reserved. Copyright (C) 2022, Hitachi, Ltd.