You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Sebastian Biedermann <bi...@seceng.informatik.tu-darmstadt.de> on 2011/04/06 14:29:15 UTC

tomcat integrity

Dear List,

I´m searching for a integrity measurement module for apache tomcat which
makes a hash (e.g. sha1) from each *.war file before starting/employing it.

Can anyone give me a hint?

Thank you!
Sebastian

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: tomcat integrity

Posted by Francis GALIEGUE <fg...@one2team.com>.

On Wed, Apr 6, 2011 at 14:29, Sebastian Biedermann
<bi...@seceng.informatik.tu-darmstadt.de> wrote:
> Dear List,
>
> I´m searching for a integrity measurement module for apache tomcat which
> makes a hash (e.g. sha1) from each *.war file before starting/employing it.
>
> Can anyone give me a hint?
>

You can sign jars, so I guess you can sign wars and use the same tools
to check validity. But this means signing the war at build/package
time.

Otherwise you can just use whatever the system provides you with. I
don't know for Windows, but Linux has {md5,sha1,sha256}sum, etc etc.

-- 
Francis Galiegue
ONE2TEAM
Ingénieur système
Mob : +33 (0) 683 877 875
Tel : +33 (0) 178 945 552
fge@one2team.com
40 avenue Raymond Poincaré
75116 Paris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org