Uniface User Forum

So we are looking to publish our first web-page (yay!). And central IT want to know how we set up a server in the DMZ to work with our application on production machines. 

I know next to nothing about all this, and the only references I can find to IIS in the manual refer to the tomcat workers.properties etc, but have zero information on configuring IIS to use the isapi_redirect and what ton configure on the IIS. 

I have an almost decade old note from a Uniface consultant as to how to set it up, but I can't make sense of it. 

Is there an idiot's (and I MEAN idiot) guide to setting up the isapi redirect on a different machine than the deployed system? 

I have several uniface installations (9.7.05, Uniface 10 (Production) and Uniface 10 for development installed on the same server, so I need to be able to re-direct different URLs to different instances of Tomcat (On different ports) so I don't think stuff from the standard installers will work for me. 

If there's a search term I should have used in the manual other than IIS to find the page on configuring the actual IIS from the IIS manager, that'd help too. 

Regards, 

Iain

For the ISAP redirect there's a How-To in the Tomcat docs:

> The Apache Tomcat Connectors - Web Server HowTo

And I've found a best practices article about how to "Fronting Tomcat with Apache or IIS". Looking at this it seems best to place the IIS web server in the DMZ and the rest (Tomcat and Uniface) behind the firewall.

I hope this helps.

Regards,
Daniel

So Jason sent me to a web page on Adobe which I think I'd been to before, and I think I worked out the differences between the examples on there and what is necessary for the uniface installation, but I have no way of knowing whether they are even close to right. 

However, I get the error. 

HTTP Error 500.0 - Internal Server Error

Calling GetFilterVersion on ISAPI filter "C:\apps\compuware\uniface\common\tomcat\bin\w64\isapi_redirect.dll" failed

With a simple entry in the IIS log files of my attempt to access the path, and no log file created (as far as I can see) for the isapi_redirect.

The first online page I found about this, the user spent a month trying to fix it with no success and eventually downloaded a .net filter to replace the isapi_redirect entirely., 

Can anyone save me a month here? 

Regards, 

Iain

Maybe you should have a look at other pages in the search result? Here's someone who fixed the problem in (it seems) a day:

> https://forums.iis.net/t/1155148.aspx?IIS+7+Tomcat+6+Configuration

On the page The Apache Tomcat Connectors - Web Server HowTo there's also a troubleshooting section.

And maybe it's even easier to set-up the isapi_redirect.dll from scratch (as described in the above HowTo for the Apache Tomcat Connector) instead of trying to reconfigure an existing isapi_redirect.dll setup of Uniface.

Hope this helps.

Regards,
Daniel

That page is the one where he eventually gave up and replaced the isapi_redirect.dll with another piece of software, (Last post on the page is by the O.P.) 

I have already tried the only substantive change I can find on that page which is to add the full path to the dll against the ps setting in the isapi_redirect.properties file. No effect. 

I've replaced the dll with the one downloaded from the Adobe site, which changed the error message briefly until I gave it permissions for Everyone, which reset the error back to this one. This is consistent with several other pages that show this error. 

The only other paragraph on there with advice says "I got several things wrong" and then suggests changing the uri setting to match the virtual folder name. Mine already does. I've tried with and without a preceding \. No effect. 

I'll try re-doing from scratch. 

Is there not a recommended, supported, setup for use of websites in a production environment as proposed by the labs? I'd prefer to be doing that, whatever it is, rather than 'rolling my own'. 

Regards, 

Iain

Okay, The first hurdle was permissions on the bin\w64 folder. Changing those gives an error about not having a handler for this extension (404) but does at least log the redirect in the isapi_redirect.log. This appears to be finding the correct folders by filter, and passing them on to something, but I don't know what, or which log file to look in next. There's some kind of mapping file between port 8083 and 8080 somewhere yes/no? 

Did you already check this (from the 64 Bit notes mentioned here)?

"In a 64 Bit environment the used IIS Application Pool should have "Enable 32-bit Applications" set to "False". To check this, select Application Pools in the IIS management console, then right-click on the pool you are using and select Set Application Pool Defaults.... Enable 32-Bit Applications may be found in the General section. If this is not configured correctly, the redirector will not be called and IIS will return an HTTP code 404."

Yes, already set to false. As I say above I've changed the error to something which looks more serious, but where the log files suggest I've gotten a step further by opening up the permissions on the folder.  I now get a redirect log file which shows it's paying attention to the worker.properties and uriworker.... it then says it's a servlet page, and it'll redirect it to \jakarta\isapi_redirect.dll, but the user gets a 404.

Okay, so the answer to the 500 error message, seems to be that the permissions on the tomcat\bin\w64 folder must include 'everyone'. 

The subsequent error I got appears to have been down to a change I made to the config files following one ofthe examples, where I changed extension_uri=\jakarta\isapi_redirect.dll to extension_uri=jakarta\isapi_redirect.dll, changing it back allows it all to work. 

All up and running on the internal net now, Now I have to get a machine in the DMZ and see if I can duplicate the setup,