Um... Why would you obfuscate a web app? If an attacker has enough access to
your server to read your JAR files, you've already got way worse problems than
having the user decompile your app...
Anyway, Stripes uses Reflection quite heavily and depends on the method and
field names to be the same at runtime. So probably obfuscation is breaking that
somehow, so you'll just need to ensure that none of the critical field names
are changed. Also check that none of the class names you refer to in web.xml
or in any config files are obfuscated.
/Janne
On 25 Nov 2011, at 10:26, Sylvain Brejeon wrote:
> Hi all,
>
> I'm trying to do some code obfuscation using http://proguard.sourceforge.net/.
> And pretty much all my classes are obfuscated except for a package where all
> the Stripes related classes are (extensions and actionbeans).
> My webapp starts up normally. I don't see any errors in log files etc...
> My extensions seem to work. I've got an interceptor, an actionbeancontext and
> a name resolver for removing .action for url bindings.
> I do have a common ActionBean class where the DefaultHandler resides.
> Without obfuscation everything is setup just fine and works.
> But with it, I see that strange problem where the requests all fall back on
> the DefaultHandler instead of my events in my action beans.
> At this point I have no idea why it behaves like that.
> I would like to know if you guys have experimented something similar or have
> some good pieces of advice.
> Thanks for your help
> Regards
> sbrejeon
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d_______________________________________________
> Stripes-users mailing list
> Stripes-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/stripes-users
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
