tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kranti™ K K Parisa <kranti.par...@gmail.com>
Subject Re: War file encryption
Date Wed, 20 Jan 2010 13:48:32 GMT
Hi Peter,

Thanks for the reply and could you please give me the url of that software,
if possible. I shall take a look at that.

Best Regards,
Kranti K K Parisa



On Wed, Jan 20, 2010 at 7:03 PM, Peter Crowther <peter.crowther@melandra.com
> wrote:

> If you control the servers on which the code is being deployed, you should
> probably be taking other steps than encryption.
>
> If you *don't* control the servers, you cannot stop someone decrypting your
> code - sooner or later, it will have to be decrypted for Tomcat to use it.
> Therefore you will have to give those servers the key to decrypt the code.
>
> Javascript that will be sent to a browser is always available "in the
> clear", as the browser must be able to use it.  You should assume that if a
> stream of bytes ever gets served out of a web server, it's gone out of the
> server's control and could be copied.
>
> However, you can still sort-of protect your code.  At least one company has
> posted here that they have a Java compiler that compiles Tomcat + webapps +
> JVM to one big native code executable.  You *could* buy a license to that
> technology and use it.  I assume it's not cheap.
>
> - Peter
>
> 2010/1/20 Kranti™ K K Parisa <kranti.parisa@gmail.com>
>
> > Hi,
> >
> > Is there any way that we could encrypt the war file that is getting
> > deployed
> > into tomcat?
> >
> > or can we make war files or jar files as native code files like dll files
> > or
> > so.
> >
> > the objective is to safe guard the code inside the war file (javascript,
> > jsp, .class files)..etc
> >
> >
> > Best Regards,
> > Kranti K K Parisa
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message