Skip to main content

How to secure my jars from outside access

2 replies [Last post]
doitifucan
Offline
Joined: 2009-12-09
Points: 0

Hi,

I am developing a swing application which is to be distributed to my client machines through webstart.

the application jars(dependent jars) are placed under Context as below structure

Context/
xyz.jnlp
lib/
one.jar
two.jar
app.jar

the application is getting deployed to my client desktops successfully and getting
updated.

The issue is the jars(one.jar,two.jar,app.jar) are also can be accessible through web url http://host:port/Context/lib/one.jar.

How to control/restrict access to the resources directly.

Like how to secure my code on server from direct access.

Thanks & Regards

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
ravn
Offline
Joined: 2003-07-21
Points: 0

Java Web Start needs to download the files so you must make them available to the outside world.

If you REALLY want to do this, then consider filtering on the user agent trying to download. I would recommend against it, as the Java Web Start specification does not mention anything about what user agent the downloading process will use. Also this is most likely JVM specific.

page80
Offline
Joined: 2009-11-24
Points: 0

Have you thought of packaging the jars together?