// generate a key -- make it long lived so we dont have to do this again
keytool -genkey -alias tomcat -keyalg RSA -validity 3650 -storepass changeit

// export cert to a file
keytool -export -rfc -v -file tomcatCert.crt -alias tomcat -storepass changeit
 
// look at the cert in the file
keytool -printcert -file tomcatCert.crt -storepass changeit


// delete pre-existing cert
keytool -delete -alias tomcat -keystore c:/apps/jdk/jre/lib/security/cacerts -storepass changeit

// import cert into a keystore
keytool -import -file tomcatCert.crt -trustcacerts -alias tomcat -keystore c:/apps/jdk/jre/lib/security/cacerts -storepass changeit

// look at the imported cert
keytool -list -alias tomcat -keystore c:/apps/jdk/jre/lib/security/cacerts -storepass changeit

package com.ofc.tomcat;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Interface flagging that the implementing Realm can set request
 * headers providing additional information about an authentication
 * failure.
 *
 * @author Nicholas Sushkin
 */
public interface ExtendedStatusSetter
{

    /**
     * The request attribute under which we forward an extended failure status message
     * (as an object of type String) to a login error page.
     */
    public static String LOGIN_FAILURE_MESSAGE_ATTR = 
        "com.ofc.tomcat.LOGIN_FAILURE_MESSAGE";
    
    public void setExtendedStatus(String username, HttpServletRequest request, HttpServletResponse response);
}

package com.ofc.tomcat;

import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import javax.servlet.RequestDispatcher;

/**
 * Adds extended authentication failure status to tomcat FormAuthenticator.
 *
 * @author Nicholas Sushkin
 */
public class ExtendedStatusFormAuthenticator extends FormAuthenticator
{
    /**
     * Descriptive information about this implementation.
     */
    protected static final String info =
        "com.ofc.tomcat.ExtendedStatusFormAuthenticator/1.0";

    private static Log log = LogFactory.getLog(ExtendedStatusFormAuthenticator.class);

    // ------------------------------------------------------------- Properties
    /**
     * Return descriptive information about this Valve implementation.
     */
    @Override
    public String getInfo() 
    {
        return info;
    }

    // ------------------------------------------------------------- Overridden behavior
    /**
     * Called to forward to the error page
     * 
     * @param request Request we are processing
     * @param response Response we are creating
     * @param config    Login configuration describing how authentication
     *              should be performed
     */
    @Override
    protected void forwardToErrorPage(Request request, Response response, LoginConfig config) 
    {
        Realm realm = context.getRealm();

        if (realm instanceof ExtendedStatusSetter)
        {
            log.debug("realm implements ExtendedStatusSetter, setting extended status for error page");
            String username = request.getParameter(Constants.FORM_USERNAME);
            ((ExtendedStatusSetter) realm).setExtendedStatus(username, request.getRequest(), response.getResponse());
        }
        else
        {
            log.debug("realm does not implement ExtendedStatusSetter, NOT setting extended status for error page");
        }

        RequestDispatcher disp =
            context.getServletContext().getRequestDispatcher
            (config.getErrorPage());
        try {
            disp.forward(request.getRequest(), response.getResponse());
            response.finishResponse();
        } catch (Throwable t) {
            log.warn("Unexpected error forwarding to error page", t);
        }
    }
}

public class AccountLockoutDatasourceRealm extends DataSourceRealm implements ExtendedStatusSetter
{
    // ...

    public void setExtendedStatus(String username, HttpServletRequest request, HttpServletResponse response)
    {
        setMessage(request, "Account locked");
    }

    protected void setMessage(HttpServletRequest request, String message)
    {
        request.setAttribute(ExtendedStatusSetter.LOGIN_FAILURE_MESSAGE_ATTR, message);
    }
}

Xdebug -Xrunjdwp:transport=dt_socket,adress=8000,server=y,suspend=n

// Obtain our environment naming context
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env");

// Look up our data source by the name we gave it when we created it. 
// In this case that's "jdbc/EmployeeDB".
DataSource ds = (DataSource) envCtx.lookup("jdbc/EmployeeDB");

#!/bin/sh
        
##
# Start Tomcat
##

. /etc/rc.common

export JAVA_HOME=/Library/Java/Home
export CATALINA_HOME="/usr/local/tomcat"
export TOMCAT_HOME="/usr/local/tomcat"

StartService ()
{

	if [ "${TOMCAT:=-NO-}" = "-YES-" ]; then

	    ConsoleMessage "Starting Tomcat"
            sh ${TOMCAT_HOME}/bin/startup.sh
	fi

}

StopService()
{

	ConsoleMessage "Stopping Tomcat"
    sh ${TOMCAT_HOME}/bin/shutdown.sh
}

RestartService ()
{
    StopService
    StartService
}


RunService "$1"

#!/bin/sh

#args to pass to kill
ARG=$1

for file in `find /proc -regex /proc/[0-9]+ 2> /dev/null`; do

    # FIXME: this will execute the command but I don't think that grep 
    # if `grep org.apache.catalina.startup.Bootstrap $file/cmdline`; then 

    if `grep --silent org.apache.catalina.startup.Bootstrap $file/cmdline 2> /dev/null`; then 

        #get the localname of this process id.
        #cat $file/cmdline

        #now go ahead and kill this guy
        base=`basename $file`
        echo kill $ARG $base
        kill $ARG $base

    fi 

done