File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Jar File Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Jar File Security" Watch "Jar File Security" New topic
Author

Jar File Security

Arjun Shastry
Ranch Hand

Joined: Mar 13, 2003
Posts: 1874
Hi,
How is the Security of Jar file is done?So that jar file can't be unjared and hence client won't decompile class files using some tool?Links or some information will be great.
Regards
Capablanca


MH
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
Originally posted by Capablanca Kepler:
How is the Security of Jar file is done?So that jar file can't be unjared and hence client won't decompile class files using some tool?Links or some information will be great.

It is not difficult to encrypt a jar file so no one (but only you, who has the secret key) can unjar it. But then such an encrypted jar is not of much value. Those who get this cannot use its classes.
If your concern is that you jar will get unjarred, classes decompiled and your IP stolen then you can use code obfuscators. They do a decent job and are quite effective. A Google search for Java Code Obfuscators returns many good links.


Pankaj Kumar
Home - WebLog - J2EE Security
norman richards
Author
Ranch Hand

Joined: Jul 21, 2003
Posts: 367
Let me make another suggestion - forget about it. Obfuscation only keeps out friendly eyes. The unfriendly ones won't even lose 30 minutes to even the cleverest obfuscators. You add complexity, increase costs and make support difficult. It's a losing situation.
If your IP is your Java code, you have no IP.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Jar File Security