-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Jeffrey,
On 2/12/13 9:40 AM, Harris, Jeffrey E. wrote: > Tomcat will host a web-app that will connect as a proxy to another > organization's system to retrieve data that we will use in our > applications. It is the other organization that is mandating the > "no password" requirement, and there is no other option than to use > their data. Our customer requires that the Tomcat server be up > 24/7 (with minor outages), hence the need to design a solution that > satisfies the requirements of both our customer, and the other > organization. Obviously, if we cannot create a way to automate the > process, we may have to do something akin to what you do above. > > However, when I run Tomcat from the console, I am never prompted > for the password. Instead, Tomcat just fails to start the listener > on the specified SSL port. What you describe is simply not possible: the password must be available in order to unlock the keystore. If you need unattended restarts, you'll need to have the password stored somewhere. If you had read the FAQ entry Chuck posted, you would know that you can specify passwords in an "obfuscated" format -- that is, the actual password does not appear in clear-text in server.xml. If you need to specify it on the command-line, then someone needs to be there to type-in the command. If you want it on the command-line, but you are going to put the command-line into the registry (as part of the service-start definition), then you have violated your own requirements (mentioned earlier that you can't store anything in the registry). If the command-line strategy will really work for you (and I really think it won't, unless you are doing remote-scripted-restarts of your services, which I didn't actually know you could do on Windows), then reading the FAQ will present an answer to you (hint: it's the last option that talks about using a PropertySource). If you still can't figure it out, then please hire a consultant to do it for you. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlEax9cACgkQ9CaO5/Lv0PBwMgCfQXgupsz7Fmy/9WK4eTZB+9bM O2AAn3/2R1xj7wWbdUheBFu9x3qgdcS9 =01vv -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
