I am setting up a 64-bit IIS 7.5 / Tomcat 7.0.26 server and I have received the following errors when I navigate to
HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid.
Detailed Error Information
Module IIS Web Core Notification BeginRequest Handler Not yet determined Error Code 0x80070021 Config Error This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false". Config File \\?\C:\Folder\apache-tomcat-7.0.29\jk\web.config Requested URL http://localhost:80/jakarta/isapi_redirect.dll Physical Path C:\Folder\apache-tomcat-7.0.29\jk\isapi_redirect.dll Logon Method Not yet determined Logon User Not yet determined
Config Source (Line 4 is highlighted in red)
3: <system.webServer> 4: <handlers accessPolicy="Read, Execute, Script" /> 5: </system.webServer>
I'm guessing that the problem is that the web.config file (which is mentioned in the Config source error) is written incorrectly. Can anybody confirm this? I Haven't been able to find an sample web.config files to go off of.
I copied the entire jk folder (which includes the isapi_redirect.dll, isapi_redirect.properties, uriworkermap.properties, web.config and workers.properties) from another server that is working, however the configuration of that server is different, as it was originally set up to run Tomcat in a different way.
The clue to solving this is in the error message (IIS is really good at explaining 500.19 errors which is nice):
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
What this is saying is that you can't specify a configuration section change (in this case
<handlers accessPolicy="Read, Execute, Script"> in your
You can resolve this by unlocking this section at the site level using the following command:
appcmd unlock config "[SITENAME]" -section:handlers /commit:apphost
[SITENAME] is the name of the site where your TomCat bits are installed.
You can also do this in IIS7's Management Console:
Navigate to the site and launch the Configuration Editor applet/feature:
In the Configuration Editor select
system.webServer/handlers from the Section list box and
ApplicationHost.config <location path="[SITENAME]" /> from the From: listbox then click Unlock Section:
/commit:apphost switch in the command line version and the
ApplicationHost.config <location path=... location in the GUI version ensures that this section is unlocked in IIS's
applicationHost.config file rather than in your
web.config. This means it's less likely to be undone by a slip of the keyboard when someone edits the
Under the bonnet what this adds is a
<location> element that looks like:
<location path="[SITENAME]" overrideMode="Allow"> <system.webServer> <handlers /> </system.webServer> </location>
However, before doing that I'd try removing the offending line in your
web.config file first, but I suspect that
isapi_redirect.dll needs to be executable.
User contributions licensed under CC BY-SA 3.0