cayenne-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Boyle <abo...@valsphere.com>
Subject Re: Code obfuscation and the model
Date Mon, 06 Jun 2016 15:34:07 GMT
More than likely we want to obfuscate both client and server. Our current thinking is to use
concepts in the Modeler jar file to load the XML, perform the renames (via the event structure
you have in there), save a separate model xml file, then figure out how to incorporate it
into our project all as part of specific build goals when we want to build a production set
of artifacts. Once the obfuscated xml is generated we should be able to remap references to
the DAOs using existing tools such as those used as part of the process to decompile/deobfuscate
the Minecraft jar file using the Forge Mod Development Kit, something that we have some experience
with.


If we come up with a working solution, we may be able to incorporate it into the existing
cayenne maven plugin or make a new plugin with just that purpose, so we'll let you know what
we come up with, although it may only be a subset of a full obfuscation solution as there
are some object types we aren't using such as Embeddables and Queries (so far).


Semi-related question: does the client need to include the model xml in its jar, or does only
the server need the xml since only the server actually talks to the DB?


-Adam

________________________________
From: Andrus Adamchik <andrus@objectstyle.org>
Sent: Monday, June 6, 2016 9:16:28 AM
To: user@cayenne.apache.org
Subject: Re: Code obfuscation and the model

I don't have any real life examples, but maybe we can brainstorm something.

Are you obfuscating just the client, or the server as well?

Andrus

> On Jun 3, 2016, at 9:15 PM, Adam Boyle <aboyle@valsphere.com> wrote:
>
> Have any of you ever had to tackle the problem of obfuscating a project that uses Cayenne?
I'm looking to find a way to be able to obfuscate a Cayenne ROP project and I'm hoping that
we're not the first to attempt this.
>
>
> Our thinking is that we would write a utility/maven plugin to obfuscate the project XML,
generate the classes/DB, use a custom remapping utility to fix up any code references, then
use Proguard/whatever to obfuscate the remaining code.
>
>
> Thanks in advance for any advice you can provide!
>
> -Adam


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message