If someone gets as far as modifying files on your server, it's pretty much game over as he can undo most checks that you can do.
You could burn the checksum on a read-only media and have an external job check it every 5 minutes against the war and do a shutdown if it fails ;-)
But I do not know which war to check because hacker can change war name.
Hmm. Perhaps you could check the absolute path of a File handle to something inside the archive?
But like I said, if someone has shell access to your system it's pretty much game over.