Results 1 to 2 of 2
Thread: Secure applets
- 11-23-2010, 04:18 PM #1
Does someone know how I can secure my applets?
When I've create a "great" program-applet and I wanna show it on the internet, but I won't someone can visit the .class files.
My question again:
Does someone how I can put my applet-file on the internet without that someone can visit the .class files.
- 11-27-2010, 02:34 AM #2
i guess you can try to create a custom url class loader that fetches the class files in a non obvious way from your server where they are hosted. for example, instead of a folder containing jar files that is directly invokable with a GET HTTP request from a web browser, create a servlet that reqires some kind of custom authentication and a POST request or something. Where your custom class loader would invoke this kind of extra steps to get the content from the servlet.
Nothing is ever completely fool proof here, if someone really really wanted to get the application code, they would be able to eventually learn how the class loader works.
Another approach might be to obfuscate your code. where all of the compiled class files would be available for anyone to download, but they would be not obvious as to what they are doing anymore.
A third option might be to rearchitect the applet so that instead of needing to have class files visible at all for download to run in the applet, to create a kind of service oriented mechanism where the applet makes a web service kind of call out to a server that has a receiver servlet to listen to these service requests, and the services invoke your super special application code. this way the application logic is split into two tiers, the client applet class files we give away, and the server side you control and maintain and never give away. The obvious problem here is the induced latencies from needing to make web service calls, and your infrastructure needing to be able to handle as many users of the applet you expect there to be, and having your site always up in a fixed URL.
So the best bet is to probably try to obfuscate your codes.
- By Rabrg in forum Advanced JavaReplies: 27Last Post: 09-10-2010, 10:04 AM
- By siva_vs_siva in forum New To JavaReplies: 11Last Post: 09-08-2010, 12:57 PM
- By makpandian in forum New To JavaReplies: 4Last Post: 06-26-2009, 05:22 AM
- By Java Tip in forum Java SoftwareReplies: 0Last Post: 07-23-2008, 02:56 PM
- By Java Tip in forum Java SoftwareReplies: 0Last Post: 04-29-2008, 07:05 PM