tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Samara, Fadi N Mr ACSIM/ASPEX" <Fadi.Sam...@hqda.army.mil>
Subject RE: Encrypting/Protecting JSP/Struts source code (UNCLASSIFIED)
Date Tue, 17 Jan 2006 15:23:18 GMT
Classification:  UNCLASSIFIED 
Caveats: NONE


Which code are you exactly trying to protect ? By struts code, I am assuimg
you mean your classes ? 

-----Original Message-----
From: Tom Burke [mailto:tom.burke@expensys.com] 
Sent: Tuesday, January 17, 2006 10:19 AM
To: Tomcat Users List
Subject: Encrypting/Protecting JSP/Struts source code

My company is has developed and is now marketing/selling a line-of-business
TSP/Tomcat application which we sell to corporate customers to runs on their
servers in their intranets.

It's suddenly become clear to my company that when we deploy a WAR on a
customers' site, the source code is completely visible to anyone who has
access to the server's drives, and this is belatedly causing some concern.
Obviously there are clauses in our license that formally protect our
intellectual property and at a corporate level we are relaxed, but my boss
is quite concerned about the delinquent administrator who simply downloads &
walks away with the code.

Is there any way in which the deployed WAR file, and all the files that
explode out of it, can be hidden/encrypted/protected on the server, while
still allowing them to be executed by Tomcat? The app is almost completely
JSP/Struts, there is hardly any HTML at all (if any in fact).

Tom Burke
Classification:  UNCLASSIFIED 
Caveats: NONE


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message