For a long time we were pretty much locked to running Java code somehow behind IIS.
Since then the Samba folk have decoded the once-secret Windows authentication protocol, and provide an usable implementation in Java (JCIFS). The implementation was first available a few years back, but as with most new software the first few versions tended to be troublesome (to varying degrees) when deployed. A bit too risky for a product installed on hundreds of unique company intra-nets.
At the same time, Microsoft continues to make changes to IIS. Seems that every new version of IIS causes existing web applications (deployed on or behind IIS) to break in new and interesting (not!) ways, and more often than not at a customer site rather than in development testing. Microsoft has good reasons for continuing to improve IIS, but those same “improvements” are a continuing source of grief for both development and our customers.
Would sure be nice to get off the IIS upgrade (not-so-merry) merry-go-round…
Another constraint was the chance that the customer might want to install other web applications on the same server box. Those other intra-net applications were likely to require IIS.
On recent reflection - I am not sure that the once-required solution still makes as much sense.
- The non-Microsoft implementations of NTLM authentication seem a lot more reliable.
- Cheap/powerful hardware and widespread use for virtual machines (VMware and the like) means each web application is most likely on it’s own individual machine (virtual or not).
- New and future versions of IIS are pretty much guaranteed to cause future grief.
- Pure Java-based solutions can be run on non-Windows platforms.
Ditching IIS would sure make my (professional) life easier…