5 Replies Latest reply: Jul 12, 2012 8:47 AM by gimbal2 RSS

    .ear deployment file security

      Hello All,

      i have been trying to find all day long a way to secure my .ear file from modifications made by third parties...
      My product is packaged as an .ear file which i send for deployment to other administrators. What i am looking for is a way to "sign" my version of .ear versus the deployed version of .ear to be sure that no modification has been mafe to my code... Anybody knowing any tool that provides that kind of functionality would be very helpful!

        • 1. Re: .ear deployment file security
          An ear is just a zip file. If you want to know stuff about zip files, ask Google.

          But it seems to me like you want to generate a checksum which you should keep safe. Then if you later generate the checksum again and it is different from the original, you know the file has been tampered with.
          • 2. Re: .ear deployment file security
            Thanx for your answer,
            the thing is that i want my application server to immediately stop working when the .ear file contents have changed...
            So i want it to be done automatically without me having to perform the check.
            I am using websphere and i havent still figured out a way to do that.
            • 3. Re: .ear deployment file security
              The application server won't stop working; at best you could make the application stop working.

              But I have no experience with Websphere, perhaps it has specialized security measures. Only one one way to find out: read the manual or if that doesn't prove fruitful - go to the forums on the IBM website.
              • 4. Re: .ear deployment file security
                It sounds like you are trying to make some sort of DRM. unfortunately, there is no way to make something like that which is actually secure (as various companies learn time and time again). you can do various things to make it difficult, but at the end of the day, if someone else has your ear and they want to modify it and run it on their computer, there's nothing you can do to stop them.
                • 5. Re: .ear deployment file security
                  Oh dear, there we go again ;) "But I must!". "But you can't". "But I must!" etc. etc.