How to encrypt passwords in the Tomcat server.xml file

Posted on by Matthew Skelton (@matthewskelton)

By default, Tomcat stores passwords in server.xml in clear text, which can lead to obvious security lapses.

The easiest way to mitigate against user account compromise is to use a password digest (SHA, MD2 or MD5 are supported).

With $CATALINA_HOME/lib/catalina.jar and $CATALINA_HOME/bin/tomcat-juli.jar on your class path, just use the following to generate the digested passwords:

java org.apache.catalina.realm.RealmBase \
   -a {algorithm} {cleartext-password}

The digest technique works by having the incoming clear text password (as entered by the user) digested, and the results compared to the stored digested password. If the Two digests match, the password entered by the user must be correct, and the authenticate() method of the Realm succeeds.

Burn ISO images to CD in Windows XP

Posted on by Matthew Skelton (@matthewskelton)

There are some curious anomalies when it comes to writing CDs/DVDs in Windows XP, and one of these is the lack of inbuilt support for writing ISO images to CD.

However, Alex Feinman has an ISO Recorder V2 for Windows XP SP2/SP3, which even comes recommended by Microsoft.

Petri has more information, including use of CDBurn.exe from the Windows 2003 resource kit, and the screenshots of ISO Recorder V2 (above).

If you just need to use an ISO image (without burning a CD), then software such Daemon Tools or Alcohol 120will mount ISOs as virtual drives.