Configuring an IIS 7 front-end for Apache Tomcat, using AppCmd.exe

I wanted to automate as much as possible the process of configuring the Apache Tomcat Redirector for IIS 7. You can find detailed how-to documents describing how to configure the ISAPI filter manually, but I couldn’t find any ready-made scripts to automate the process using IIS 7’s AppCmd command. My goal is eventually to get Apache and an IIS front-end running in Windows Azure, but this will have to wait for another post!

The first thing you need to do is of course to download the ISAPI filter binaries from the Apache repository. Be careful to download the 64bit version if you run a 64bit OS, like Windows Server 2008 R2, or you will see error messages when IIS tries to load the IIS filter.

The other thing I couldn’t find immediately are the sample configuration files that are mentioned in the Apache documentation ( and; I finally found them in the source archive, so I would advise you to download this as well, and look in the conf directory for the samples.

Then you need to organize things somewhat on your drive; I arranged the various files like so:

|       isapi_redirect.dll

A couple notes:

  • You do not need to modify the registry like some older docs instructed; the configuration is contained in the file
  • Do not rename isapi_redirect.dll and; some magic configuration things seem to happen based on the name of the DLL
  • The logs directory will contain, obviously, the ISAP filter logs

And now, the file:

# Configuration file for the Jakarta ISAPI Redirector

# The path to the ISAPI Redirector Extension, relative to the website
# This must be in a virtual directory with execute privileges

# Full path to the log file for the ISAPI Redirector

# Log level (debug, info, warn, error or trace)

# Full path to the file

# Full path to the file

And now we need to configure IIS so that it will run the ISAPI filter; there are basically four tasks we need to accomplish:

  • Register the DLL as an ISAPI filter
  • Allow execution of the ISAPI filter
  • Create a virtual directory pointing to our isapi directory above
  • Allow executables (i.e., our DLL) in the new virtual directory

And without further ado, the script!

PATH %PATH%;%SystemRoot%\System32\inetsrv

for /f "tokens=*" %i in ('appcmd.exe list site /text:name') do set SITE=%i

appcmd.exe set config /section:isapiCgiRestriction /+[@start,description='Tomcat',path='C:\jk\isapi\isapi_redirect.dll',allowed='true']

appcmd.exe set config /section:isapiFilters /+[@start,name='Tomcat',path='C:\jk\isapi\isapi_redirect.dll']

appcmd.exe add vdir /"%SITE%/" /path:/jakarta /physicalPath:c:\jk\isapi

appcmd.exe set config "%SITE%/jakarta" /section:system.webServer/handlers /accessPolicy:Read,Write,Execute

iisreset.exe /restart

Here are a few details about what is going on:

  1. Add the path to the AppCmd.exe command to the system path
  2. Run the “list site” command to retrieve the name of the default site, and store it in the SITE variable. Note: this won’t work if you have more than one IIS site! Please adapt the script if you need to!
  3. Add the DLL to the isapiCgiRestriction section
  4. Add the DLL to the isapiFilters section
  5. Create the new virtual directory (please note it has to be the same as the value provided in
  6. Fix the access policy on the new virtual directory

I hope this helps, at least it Worked On My Machine! ™

Comments (2)

  1. DanTheManXX says:


    I have just seen after uncessfully trying to disable IIS 7 on my SharePont 2010 dev VM.  In my case I want XAMP install to host a local copy of myblog.local …  .  will give this a try an report back


  2. voodoochild says:


    FYI you can use variables $(JKISAPI_PATH) and $(JKISAPI_NAME) in the file.. will help your automation even more. This way you can put the files anywhere and not have to configure the properties file!  Enjoy.  🙂

    For example;

    # The directory that the .dll and THIS FILE are in.


    # virtual directory path to the .dll


    # Location of the configuration file for redirector workers


    # Location of logging file for the redirector


    # Location of the configuration file that maps URLs to workers.


    # Location of the configuration file for URL rewriting.


    # What events will get written to the redirector log file. Can be debug, info, warn, error or trace.


Skip to main content