12 Replies Latest reply: May 8, 2011 6:47 PM by EJP RSS

    Protect a jar file

    758606
      how to protect a jar file so that no one can de -jar the class files from it


      please suggest..


      thanks..
        • 1. Re: Protect a jar file
          796440
          Don't distribute it. That's the only way.

          A jar file is just zip file. And if someone can't unjar it, then they can't use it.

          What makes you think you need to do this in the first place?

          Edited by: jverd on Apr 20, 2011 9:45 AM
          • 2. Re: Protect a jar file
            758606
            Then how to Distibute your Application to customers
            • 3. Re: Protect a jar file
              EJP
              In a JAR file.
              • 4. Re: Protect a jar file
                758606
                jar file cand be de- jar by them

                then how to distribute the jar file with some protection
                • 5. Re: Protect a jar file
                  EJP
                  Of course it can be de-jarred. The JVM has to get the .class files out of it. So? What are you trying to protect against?
                  • 6. Re: Protect a jar file
                    796440
                    user9950484 wrote:
                    jar file cand be de- jar by them
                    Of course. As already stated, it has to be, in order to be used.
                    then how to distribute the jar file with some protection
                    Protection against what?
                    • 7. Re: Protect a jar file
                      758606
                      that the person can't de-jar it
                      • 8. Re: Protect a jar file
                        793415
                        user9950484 wrote:
                        that the person can't de-jar it
                        Get over it. Most code is not worth decompiling. The small amount that is from a 'killer app.' can most often be reproduced by sitting a bunch of testing people in front of a legally bought version of the software to describe the inputs & outputs, then handing that information to designers who specify a design for the programmers to implement. Doing this, you could easily recreate Facebook - and likely a better version of it.

                        AFAIU, there is no country on Earth that regards that as illegal. And they will probably write a better version of the software than what you have.

                        Sell support, not software.
                        • 9. Re: Protect a jar file
                          796440
                          user9950484 wrote:
                          that the person can't de-jar it
                          That makes absolutely no sense. The JVM has to be able to read it (including "de-jarring" it) in order to use it. If it's on my computer and my JVM can read it, then so can I.

                          And again, why? What harm comes to you if somebody reads your jar file? Do you have something so wonderful and secret in there that everybody will want it and nobody could possibly create it themselves?
                          • 10. Re: Protect a jar file
                            EJP
                            that the person can't de-jar it
                            You can't protect against that. Youve been told that. And it doesn't answer the question. What harm is going to result if the person de-jars it?
                            • 11. Re: Protect a jar file
                              796440
                              EJP wrote:
                              that the person can't de-jar it
                              You can't protect against that. Youve been told that. And it doesn't answer the question. What harm is going to result if the person de-jars it?
                              Man, what is it with people that, "+Why+ are you trying to do this?" is such an unanswerable question? It really makes no sense to me. The only thing I can think of is that they know deep down that if they explain why, they'll have to admit that their approach is wrong, so they just stick their heads in the sand and keep plowing forward.
                              • 12. Re: Protect a jar file
                                EJP
                                Or alternatively they don't know why, and are too afraid to ask. I think a lot of these people only ask questions on forums, not of their colleagues or managers. Also they may be afraid of finding out because it will mean a discussion with a colleague or superior that again they're too afraid to have. They'd rather keep their heads down and deliver the wrong answer as instructed. Easy to be 'brave' on a forum, hiding behind a pseudonym, and easy to come up with solutions that way that make you look better than you really are. Not so easy to act like a professional.

                                I'm reminded of a former colleague who used to go around announcing he'd just 'realized' something after he had had a secret discussion with me. Didn't get him very far when I wasn't around.

                                Cultural things at work here too I suspect. Aussies and Americans and British don't mind arguing all day & laughing about it afterwards over a beer. Others' mileage seems to vary ;-)