Friday 17 February 2012

Kick Remote Desktop (RDP) user

You try to RDP onto a machine but get this error:


The simplest way to remove an idle connection (Windows 2003):

1) Log into a machine on the same network
2) Select the Terminal Services Manager (or Start->Run tsadmin.exe)
3) Right-click on the network in the left pane and select "Connect to Computer". Enter the required IP or hostname
4) Right-click on the user in the right pane and select "Log Off"

Thursday 16 February 2012

Debug Tomcat Windows Service from Eclipse

1) Launch "Configure Tomcat" GUI
2) On Java tab under Java Options add the following 2 lines:
-Xdebug
-Xrunjdwp:transport=dt_socket,address=127.0.0.1:1044,server=y,suspend=n
Alternatively, and preferred since Java 5.0, add the following single line instead:
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1044


3) Restart Tomcat
4) In Eclipse go to Run->Debug Configurations.  Create a new Remote Java Configuration with the following settings:
Connection Type: Standard (Socket Attach)
Host: localhost
Port: 1044

Change server/port as appropriate.
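JDWP has no authentication, so the address= value decides who can attach. The following is an added example, not part of the original post: it classifies the listen scope of the Java Options above, relying on the JDK behaviour that a bare port listens on all interfaces up to JDK 8 and on loopback only from JDK 9. The function names, the jdk_major parameter and the sample text are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: Java Options as pasted into the "Configure Tomcat" Java tab.
SAMPLE = """-Xdebug
-Xrunjdwp:transport=dt_socket,address=127.0.0.1:1044,server=y,suspend=n
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1044"""

def parse_jdwp(option):
    """Return the JDWP sub-options of one JVM argument as a dict, else None."""
    m = re.match(r"-(?:agentlib:jdwp=|Xrunjdwp:)(.*)$", option.strip())
    if not m:
        return None
    return dict(kv.split("=", 1) for kv in m.group(1).split(",") if "=" in kv)

def bind_scope(option, jdk_major=7):
    """Classify a JDWP option: 'loopback', 'all-interfaces', 'specific-host',
    'outbound' (server=n, no listener) or None when it is not a JDWP option."""
    opts = parse_jdwp(option)
    if opts is None:
        return None
    if opts.get("server", "n") != "y":
        return "outbound"
    host = opts.get("address", "").rpartition(":")[0]
    if not host:
        # Bare port: all interfaces up to JDK 8, loopback only from JDK 9.
        return "all-interfaces" if jdk_major < 9 else "loopback"
    if host == "*":
        return "all-interfaces"
    if host.lower() == "localhost":
        return "loopback"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "specific-host"      # a hostname: treat as reachable off-host
    if ip.is_unspecified:
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "specific-host"

def audit(java_options, jdk_major=7):
    """Return (option, scope) for each JDWP listener reachable off-host."""
    findings = []
    for line in java_options.splitlines():
        scope = bind_scope(line, jdk_major)
        if scope in ("all-interfaces", "specific-host"):
            findings.append((line.strip(), scope))
    return findings

if __name__ == "__main__":
    for option, scope in audit(SAMPLE):
        print(f"{scope}: {option}")
```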

To detach press this button:

Further Info:

> java -agentlib:jdwp=help

            Java Debugger JDWP Agent Library
            --------------------------------

(see http://java.sun.com/products/jpda for more information)

jdwp usage: java -agentlib:jdwp=[help]|[<option>=<value>, ...]

Option Name and Value            Description                       Default
---------------------            -----------                       -------
suspend=y|n                      wait on startup?                  y
transport=<name>                 transport spec                    none
address=<listen/attach address>  transport spec                    ""
server=y|n                       listen for debugger?              n
launch=<command line>            run debugger on event             none
onthrow=<exception name>         debug on throw                    none
onuncaught=y|n                   debug on any uncaught?            n
timeout=<timeout value>          for listen/attach in milliseconds n
mutf8=y|n                        output modified utf-8             n
quiet=y|n                        control over terminal messages    n
suspend=y tells the JVM to wait until a debugger is attached.

Java Virtual Machine Tool Interface
More Info on JVM TI and writing agents
Java Platform Debugger Architecture (JPDA)
Java Debug Wire Protocol (JDWP)

Friday 3 February 2012

Subject Alternative Name

I'm using Spring Integration to talk to an HTTP/REST service. To secure the link I set up mutual SSL authentication. I now get the following error:

java.security.cert.CertificateException: No subject alternative names present

I'm talking to an IP address rather than a domain name. The RFC 2818 spec says:
In some cases, the URI is specified as an IP address rather than a
hostname. In this case, the iPAddress subjectAltName must be present
in the certificate and must exactly match the IP in the URI. 
This blog entry is also helpful for understanding the problem:


Under the covers, Spring Integration is using a HostnameChecker, which is throwing the exception. The next line of the exception stack confirms this:

 at sun.security.util.HostnameChecker.matchIP(Unknown Source)

I will need to set the IP address as subject alternative name with type IPAddress (key=7).  In Java 6 or lower, keytool does not support X.509v3 certificate extensions:


OpenSSL is an alternative way of generating certificates with extensions.  However, I chose to download Java 7 and the new version of keytool:

# create keystore and generate client key pair
keytool -genkey -alias client -keyalg RSA -validity 3650 -ext san=IP:<ip address> -keystore .\client.keystore -storepass <password> -keypass <password>

Export and import into client's truststore as before and the no subject alternative names problem is fixed :)