File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Enc./Protection of web application code (JSP/JAVA) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Enc./Protection of web application code (JSP/JAVA)" Watch "Enc./Protection of web application code (JSP/JAVA)" New topic

Enc./Protection of web application code (JSP/JAVA)

Robert Jaeger
Ranch Hand

Joined: Apr 29, 2002
Posts: 62

As far as I know it is possible to decompile java code.
But there are tools that modify the code that it cannot be understood anymore.
Unfortunately my JSP files wouldn't be able anymore to use the API I made.

Is there a way to protect/encrypt my entire web application?

Regards (and thanks for your help!),
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Since your JSP files and Java classes are not accessible to the users of your web app, does this mean you distrust the folks that host your web app? In that case I'd advise to switch to a hosting environment that you do trust.

In general you cannot prevent decompilation completely, but you can obscure the code to make it much harder to make sense out of it. Something like ProGuard (on SourceForge) will do this for you. These tools let you specify which classes and/or methods it should not rename, so that the public API remains what it was before.
I agree. Here's the link:
subject: Enc./Protection of web application code (JSP/JAVA)
It's not a secret anymore!