*
The moose likes Java in General and the fly likes Encrypting the web application classes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Encrypting the web application classes" Watch "Encrypting the web application classes" New topic
Author

Encrypting the web application classes

sreenath reddy
Ranch Hand

Joined: Sep 21, 2003
Posts: 415
Hi

I have a web application and WEB-INF lib has some jars ....i dont wany any one using my web application to obfuscate my code ..hence i want a way to encrypt my classes and if so whats the way of decrypting them because while loading the classes tomcat may not be able to load those encrypted classes properly

can any one elaborate on this ??

Regards
Sreenath
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60799
    
  65

Not a JSP question so moving to Java in General (intermediate).


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Manuel Moons
Ranch Hand

Joined: Mar 05, 2002
Posts: 229
I think you actually want to obfuscate your jar files. Obfuscating class files removes all information such as line numbers, variable names, class names, method names, etc...

This protected your code from being stolen (copied) by others.

Obfuscation = encryption of code.

You can use for instance Retroguard (http://www.retrologic.com/) to obfuscate your code.
sreenath reddy
Ranch Hand

Joined: Sep 21, 2003
Posts: 415
Hi

i will encrypt using his tool ...but do i need to something from my server side ?? i mean will jvm understand this and will be able to load the class

And also is there any free tool for this because this is licensed for commercial use
Manuel Moons
Ranch Hand

Joined: Mar 05, 2002
Posts: 229
You can use yGuard. This is free.

You do not need anything on your server side. The only thing that you have to do is run your classes through the obfuscator.

You have to make sure that all public methods are not obfuscated. An obfuscator actually discards all the variable, method and classnames. So if you have some methods and classes that you refer to externally you have to say to the obfuscator that is must leave these things alone.

In most obfuscator you will have to write a text file with the names of the classes and methods that may not be obfuscated. You will have to read the obfuscator's manuals for this.
 
jQuery in Action, 2nd edition
 
subject: Encrypting the web application classes
 
Similar Threads
encryption of war file
Multiple main classes in jnlp file?
number of class loaders in a Ear Application
unable to access class from jsp...
Encrypting the web application classes