Good day! First time posting here, so if I'm miss...
# box-productsa
Aaron DeRenard
12/12/2022, 3:51 PMGood day! First time posting here, so if I'm missing something please let me know gently. 🙂
I've been trying to setup CommandBox to run behind IIS using BonCode. I has this working a week ago, but I made so many changes I don't know what actually made it work, but I know it can work. I think what made it work was using the BonCode installer and installing across all sites, but I have a need to run CommandBox on some sites and ACF standalone on others for now.
I got my start following the directions in the video here:
https://www.ortussolutions.com/blog/screencast-running-commandbox-servers-behind-iis-with-boncode
That got me where BonCode was connecting to Tomcat. What was missing though is the secret key for the ghostcat update. I got that information from reading the BonCode documentation here:
http://www.boncode.net/connector/webdocs/Tomcat_Connector.htm
This is what I have in the CommandBox config:
server.json-
{
"web":{
"AJP":{
"enable":"true",
"port":"8079",
"secret":"<secret_key_here>"
}
}
}
This is what I have in the site's BonCode config post connector installation in BonCodeAJP13.settings-
<Settings>
<Server>localhost</Server>
<Port>8079</Port>
<EnableRemoteAdmin>False</EnableRemoteAdmin>
<EnableHeaderDataSupport>False</EnableHeaderDataSupport>
<ForceSecureSession>False</ForceSecureSession>
<AllowEmptyHeaders>False</AllowEmptyHeaders>
<ModCFMLSecret><secret_key_here></ModCFMLSecret>
<RequestSecret><secret_key_here></RequestSecret>
</Settings>
The installation done to setup the BonCode connector and handlers is using the following configuration-
[Setup]
installType=sites
acceptLicense=1
enableRemote=0
configurePoolPermissions=1
[Handlers]
installCF=1
installJSP=0
installWildCard=0
[Tomcat]
server=localhost
ajpPort=8079
configureServerXml=0
[Settings]
allowEmptyHeaders=0
forceSecureSession=0
enableHeaderDataSupport=0
enableFlush=0
enableRemoteIpDetection=0
requestSecret=<secret_key_here>
modCfmlSecret=<secret_key_here>
[Sites]
Site10=1
(Note: Site10 is the 10th site in my IIS which I want to configure to use CommandBox)
What I end up getting is a response from Tomcat saying 403 - Forbidden, The server understood the request but refuses to authorize it.
I'm missing something here, and I don't know what. Does anyone here have any experience or direction that could short circuit my endless attempts at making this work as a single site handled by CommandBox behind IIS using the BonCode connector? Or is there another way to setup CommandBox behind IIS? Thank you in advance for any advice you may have.
g
gknight
12/12/2022, 5:09 PMI don't use the secret key at all and have no problems, I just use this in my server.json:
"web":{"rewrites":{"enable":"true"},"http":{"port":"5051"},"AJP":{"enable":"true","port":"8051"}}gknight
12/12/2022, 5:10 PMBoncodeCodeAJP13.settings file is set to:
<Settings><Server>localhost</Server><Port>8051</Port><EnableRemoteAdmin>False</EnableRemoteAdmin><EnableHeaderDataSupport>False</EnableHeaderDataSupport><ForceSecureSession>False</ForceSecureSession><AllowEmptyHeaders>False</AllowEmptyHeaders><ResolveRemoteAddrFrom>HTTP_X_FORWARDED_FOR</ResolveRemoteAddrFrom></Settings>gknight
12/12/2022, 5:12 PMMake sure that you add this to you web.config file right under <system.webServer>
<handlers><add name="BonCode-Tomcat-CFC-Handler" path="*.cfc" verb="*" type="BonCodeIIS.BonCodeCallHandler" preCondition="integratedMode" /><add name="BonCode-Tomcat-CFM-Handler" path="*.cfm" verb="*" type="BonCodeIIS.BonCodeCallHandler" preCondition="integratedMode" /></handlers>b
bdw429s
12/12/2022, 6:33 PMHi @Aaron DeRenard and welcome
bdw429s
12/12/2022, 6:34 PMFirstly, please don't post unformatted code chunks in the main thread. Create a multi-line code block by typing thee backticks (`). It's best to ask your question and then place any related code blocks inside a Slack thread (like where we're replying to you)
👍 1
bdw429s
12/12/2022, 6:35 PMSo, to answer your questions-- firstly the screencast on this topic is a bit outdated. There has been a major new feature released a few versions ago in CommandBox which allows you to use a single CommandBox server instance to power all your sites instead of a server for each site. This is the ModCFML feature
bdw429s
12/12/2022, 6:35 PMbdw429s
12/12/2022, 6:36 PMIf you are running Adobe's Connector and a Boncode connector, then it is very important that you don't choose "all sites" for either of them! Each connector needs to be in single-site mode so you can choose which IIS site goes where
bdw429s
12/12/2022, 6:37 PMThis means the handlers (stored in the web.config) will need configured for each IIS site based on whether you want it to point to a CommandBox instance via Boncode or an ACF standalone instance.
bdw429s
12/12/2022, 6:39 PMThat got me where BonCode was connecting to Tomcat.to be clear, CommandBox does NOT use Tomcat. BonCode has sloppy documentation and it uses the phrase "Tomcat" where it should say "AJP-capable servlet container of your choice" 🙂
🤔 1
bdw429s
12/12/2022, 6:41 PMAlso, it is worth noting that you do not necessarily need IIS for anything. CommandBox has a fast, powerful, suyper capable pure Java web server built into it (using JBoss Undertow) which does nearly anything IIS does for you. CommandBox's web server is secure by default (specifically for CF servers), and can be exposed directly.
👍 1
bdw429s
12/12/2022, 6:41 PMI'm not clear if you're configuring this for production use or just local development, but there's nothing at all wrong with just hitting CommandBox directly to greatly simplify your setup.
bdw429s
12/12/2022, 6:43 PMWhat was missing though is the secret key for the ghostcat updateTo be clear, CommandBox's AJP listener does not enforce an AJP secret by default, so the lack of one being configured should not have caused any issues.
bdw429s
12/12/2022, 6:44 PMAlso note, the ModCFML secret is not the same thing as an AJP secret.