Thanks to all who responded to this request yesterday. I'm now a lot
clearer about what we are distributing, and what measures it's sensible
for us to take. We have decided to obfuscate the .classes files as they
are produced, and not worry about the jsp files: it's the java code (the
.classes
Rob Gregory wrote:
Good comments, but how would you encrypt the config files when Struts needs
these to run out code (hence before I can decrypt). While I personally
prefer Cocoon over struts these are pretty much 'Sister' projects so the
same solution would help me also.
This is a valid qu
--Original Message-
From: Nikola Milutinovic [mailto:[EMAIL PROTECTED]
Sent: 17 January 2006 21:28
To: Tomcat Users List
Subject: Re: Encrypting/Protecting JSP/Struts source code (UNCLASSIFIED)
Samara, Fadi N Mr ACSIM/ASPEX wrote:
>Classification: UNCLASSIFIED
>Caveats: NONE
>--
Samara, Fadi N Mr ACSIM/ASPEX wrote:
Classification: UNCLASSIFIED
Caveats: NONE
-Original Message-
From: Tom Burke [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 17, 2006 10:19 AM
To: Tomcat Users List
Subject: Encrypting/Protecting JSP/Struts source code
My company is has develop
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Caldarale, Charles R wrote:
> Read up on servlets and JSPs on the Sun web site (or Google).
> Simplisticaly, servlets are the class files that contain compiled Java
> code for processing client requests. Normally, JSPs are turned into
> servlets
> From: Tom Burke [mailto:[EMAIL PROTECTED]
> Subject: Re: Encrypting/Protecting JSP/Struts source code
>
> what's the file extension of a compiled servlet?
.jsp -> .java -> .class
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATER
t: Tuesday, January 17, 2006 3:43 PM
Subject: RE: Encrypting/Protecting JSP/Struts source code
From: Tom Burke [mailto:[EMAIL PROTECTED]
Subject: Re: Encrypting/Protecting JSP/Struts source code
Well, the JSPs are among the things I am referring to. Showing my
ignorance, is a 'pre-compiled
Tom Burke wrote:
Is there any way in which the deployed WAR file, and all the files that explode
out of it, can be hidden/encrypted/protected on the server, while still
allowing them to be executed by Tomcat? The app is almost completely
JSP/Struts, there is hardly any HTML at all (if any in
nt: Tuesday, January 17, 2006 3:25 PM
Subject: RE: Encrypting/Protecting JSP/Struts source code
From: Tom Burke [mailto:[EMAIL PROTECTED]
Subject: Encrypting/Protecting JSP/Struts source code
It's suddenly become clear to my company that when we deploy
a WAR on a customers' site, the so
> From: Tom Burke [mailto:[EMAIL PROTECTED]
> Subject: Re: Encrypting/Protecting JSP/Struts source code
>
> Well, the JSPs are among the things I am referring to. Showing my
> ignorance, is a 'pre-compiled' file a binary file? And how would we
> deploy these onto a
uary 17, 2006 3:25 PM
Subject: RE: Encrypting/Protecting JSP/Struts source code
From: Tom Burke [mailto:[EMAIL PROTECTED]
Subject: Encrypting/Protecting JSP/Struts source code
It's suddenly become clear to my company that when we deploy
a WAR on a customers' site, the source code is comp
> From: Tom Burke [mailto:[EMAIL PROTECTED]
> Subject: Encrypting/Protecting JSP/Struts source code
>
> It's suddenly become clear to my company that when we deploy
> a WAR on a customers' site, the source code is completely
> visible to anyone who has access to the server's drives, and
> this
Classification: UNCLASSIFIED
Caveats: NONE
Which code are you exactly trying to protect ? By struts code, I am assuimg
you mean your classes ?
-Original Message-
From: Tom Burke [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 17, 2006 10:19 AM
To: Tomcat Users List
Subject: Encrypti
13 matches
Mail list logo
