Are you distributing the WAR file to your customer, or does your customer just run the app on your server?
In the former case, the only way to do this would be to modify the customer's servlet container; something they would be very unlikely to let you do. In the latter case, the user can't download the classes anyway (everything in /WEB-INF is protected from being accessed by the client), so you don't need to worry about it. Personally, the absolute most I would ever do if I were worried about decompiling is to run a code obfuscator -- but I believe that in most cases there are much more important things to be worried about than fear that someone is going to steal all your ideas by decompiling the classes. Craig PS: Of course, even if you could convince your customer to let you modify their container in this way, and even if the customer was willing to run the app only on a server connected to the Internet so they could download the "real" JAR file, nothing is going to stop the user from accessing the JAR file directly and decompiling it if they want to :-). On Mon, 13 Sep 2004 08:31:52 -0700, G Q <[EMAIL PROTECTED]> wrote: > Hi, > > This might be OT but I would appreciate any help. > > The scenario I have is as follows: > The application jar file is located on a remote server. When tomcat > starts up, I would like to make a URL connection to the remote server > and download the latest jar file and use that instead of actually > placing the jar file in the WEB-INF/lib/ directory or distribute it via the war. > > This way, I believe I would be preventing the class files being > decompiled and also if there are any updates to the jar, there will be > a central location for updates. > > Question: > 1. How do other people implement this? > 2. Can I extend the webappclassloader and implement this functionality? > > Would appreciate any url or article or help on this topic. > > thanks. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
