However, now that I have had time to clear those up, a new project is to get our ColdFusion code from our old and hastily build Adobe ColdFusion 9 server to a new Railo 4 box. I've spent about a week working with a test IIS 7 box provided to me and have been allowed to build and fail and make a mess of things and I think I just about have it right.
There are documentation and discussions all over the place so I thought I should record my notes here. In general our server serves 4 sites and we had used multiple instances in Adobe's CF. I had wanted to replicate that process as well as lock down the Administrative interface from being accessed from the web (local access only). I don't think Railo does Multiple Instances as we have known them, but I wanted to run multiple web apps from the one server, which is nearly the same thing, almost. Not really, but for our purposes the technical differences are not meaningful. We want multiple sites/apps and no Admin access from the internet.
Prepping IIS
Ok, so the systems team built me a virtual server and he made some C-Names so that I could test multiple sites on the one box: app-testrailo.unm.edu and mobile-testrailo.unm.edu. I used my remote console and created the Web Server (IIS) role and included basic Web Server services and the Application Development services (ASP, .Net, CGI, ISAPI Extentions and Filters).
We keep our web files on a different drive from the C: so I created my sites: app and mobile and bound them to the urls and the path was set to z:\app and z:\mobile. Then I dumped in some sample apps so I would have something decent to test. Then I tested out the web server and viewed the successful HTML pages.
Prepping Railo
I read and followed the install instructions for Railo. The installer does it's thing very quickly. Up comes the basic Railo welcome page and links to my administrator. However, this is the Default root that lives in the default C:tomcat... Railo... Root folder. My regular web applications just gave me 500 errors. To link up my apps I needed to edit the Tomcat Host Config and restart the Railo service. Near the bottom of the Host Config file I needed to add these entries near the bottom:
<Host name="hsc-testrailo.health.unm.edu" appBase="webapps">
<Context path="" docBase="E:\hscapp" />
</Host>
<Host name="mobile-testrailo.health.unm.edu" appBase="webapps">
<Context path="" docBase="E:\hscmobile" />
</Host>
I also commented out the "localhost" entry since I was not using C:\inetpub\wwwroot\. I'm not sure if that was useful, but it seemed like a good idea. After a restart I am getting my apps to process the ColdFusion. Yay! Even cooler is seeing my sites in the list of Web contexts in the administration page. Double Yay!
Secure the Administrator
Now, I run some tests and the server administrator is available on the open internet. Boo! So we must secure the context. There are a number of Apache fixes discussed, but the key is to address the Bon Code Tomcat Connector for IIS. A Google Groups post gave me a hint. There is a "BonCodeAJP13.settings" file in the C:\railo\ajp13 directory where I can set the
<EnableRemoteAdmin>True</EnableRemoteAdmin>
to False. However this file is just the sample one, in my case the real one lives it the C:\Windows directory. It also administrative protected, so updating it was kind of a pain: file saved, Railo restarted, and my sites still work. And the url "http://app-testrailo.unm.edu/railo-context/admin/server.cfm" produces this error:
Access from remote not allowed (2).
Success!