如何从javascript调用.jar文件中的Java方法?
[英]How to call java methods in a .jar file from javascript?
问题描述
I know there are many similar questions on the internet but none of them could solve my doubt. 
我知道互联网上有很多类似的问题,但是没有一个可以解决我的疑问。 So pardon me. 所以,请原谅我。 About my project. 关于我的项目。 I have a java file or program that takes a string , encrypts it and then returns the encrypted string to me. 我有一个采用字符串的Java文件或程序,将其加密,然后将加密的字符串返回给我。
I want to include or keep this java file (.jar file) on the webpage or the client-side. 我想在网页或客户端上包含或保留此java文件(.jar文件)。 Now I know that we can upload this java program on server side and then easily communicate with it instead of calling keeping it on client-side which most people consider a bad practice. 现在,我知道我们可以在服务器端上载此Java程序,然后轻松地与它进行通信,而不是将其保存在客户端上,而大多数人认为这是不好的做法。
But my purpose of keeping this jar file on the client side is that JavaScript code for encryption can be easily seen if we inspect element, so compared to it .jar file is more secure and one cannot see underlying encryption code and also if in case the there is network loss then instead of typing the entire string again and getting it encrypted again from the server, I want to save that string in such situation, get it encrypted from the jar file on the client-side so that once network problem is solved I don't need to retype whole message again and then I can directly send the message or the string to the other end or to other user on the network. 但是我将这个jar文件保留在客户端的目的是,如果我们检查一下元素,就可以很容易地看到用于加密的JavaScript代码,因此与.jar文件相比,它更安全,无法看到底层的加密代码,并且如果有网络丢失,那么我不想保存整个字符串,而不必再次输入整个字符串,而是想在这种情况下保存该字符串,然后从客户端的jar文件中对其进行加密,以便一旦解决了网络问题我不需要再次输入整个消息,然后可以将消息或字符串直接发送到另一端或网络上的其他用户。
So for this I need help regarding how can I store my .jar file on webpage or client-side and then how to call methods from the .jar file using JavaScript. 因此,为此,我需要有关如何将.jar文件存储在网页或客户端上以及如何使用JavaScript从.jar文件中调用方法的帮助。 I know applets are deprecated, chrome does not support java. 我知道小程序已弃用,Chrome不支持Java。 I have also seen some examples on internet like https://docs.oracle.com/javase/tutorial/deployment/applet/invokingAppletMethodsFromJavaScript.html but Its not working properly for me. 我还在互联网上看到了一些示例,例如https://docs.oracle.com/javase/tutorial/deployment/applet/invokingAppletMethodsFromJavaScript.html,但它对我而言无法正常工作。
So I am in search of some ideal method by which I can first of all include or upload .jar file on client-side and then a method by which I can call java methods from .jar file using JavaScript. 因此,我正在寻找一种理想的方法,通过该方法,我可以首先在客户端上包含或上载.jar文件,然后寻找一种可以使用JavaScript从.jar文件中调用Java方法的方法。 Please help... My earnest request...! 请帮助...我的恳切要求...!
3 个解决方案
解决方案1
0 2016-10-19 07:21:39
JavaScript code for encryption can be easily seen if we inspect element
I'm assuming you mean embedded Javascript here. 我假设您的意思是嵌入式Javascript。 Because you can refer to an external JS files which are located on the web server, not the client machine. 因为您可以引用位于Web服务器而不是客户端计算机上的外部JS文件。
The browser may cache your script file somewhere locally but if one were bothered enough to dig it up, he might as well decompile your jar file which is much more easier. 浏览器可能会将您的脚本文件缓存在本地某个地方,但是如果麻烦到足以将其挖掘的话,他也可能会反编译您的jar文件,这更加容易。
解决方案2
0 2016-10-19 07:35:33
- Java can easily be decompiled. Java可以很容易地反编译。 A jar file on the client will not be more secure than client-side JavaScript. 客户端上的jar文件不会比客户端JavaScript更安全。
- An encryption method that is compromised by looking at its code is not secure. 通过查看其代码而受损的加密方法是不安全的。
解决方案3
0 2016-10-19 07:45:30
You seem to have many misconceptions... here are some facts for you to consider: 您似乎有很多误解...以下是一些要考虑的事实:
A JAR file (as either an application, WebStart or applet) running on client-side is NOT secure.
在客户端运行的JAR文件(作为应用程序,WebStart或applet)不安全。 If it runs on my computer, I can do anything I want. 如果它在我的计算机上运行,我可以做任何我想做的事情。 I can download the JAR file and decompile it. 我可以下载JAR文件并对其进行反编译。 It's no better than JavaScript in this regard, it just takes slightly more effort and knowledge. 在这方面,它并没有比JavaScript更好,只是需要更多的精力和知识。 To protect data between client and server, you can simply use HTTPS and POST the data from web page to your server.
为了保护客户端和服务器之间的数据,您可以简单地使用HTTPS并将POST数据从网页发布到服务器。 If client is encrypting data to you, there should be nothing to hide about the encryption process.
如果客户端正在向您加密数据,则加密过程应该没有什么可隐藏的。 The client generates a session key to encrypt the data, then wrap that session key by your server's public key. 客户端生成一个会话密钥来加密数据,然后用服务器的公共密钥包装该会话密钥。 Then client send both encrypted data and wrapped session key to your server. 然后,客户端将加密的数据和包装的会话密钥发送到您的服务器。 Read more about Public Key Infrastructure (PKI): https://en.wikipedia.org/wiki/Public_key_infrastructure 阅读有关公钥基础结构(PKI)的更多信息: https : //en.wikipedia.org/wiki/Public_key_infrastructure By default a Java applet/WebStart is not granted access to disk.
默认情况下,不授予Java applet / WebStart访问磁盘的权限。 You must sign it to write data to disk, and user/security policies can still deny granting those access rights. 您必须对其进行签名才能将数据写入磁盘,并且用户/安全策略仍然可以拒绝授予这些访问权限。 ( Applet - Unable to write file ) ( 小程序-无法写入文件 ) As you are aware of it, applet/WebStart is dying because of browsers rejecting plugins.
如您所知,由于浏览器拒绝插件,applet / WebStart濒临死亡。 There's Web Cryptography API (it's not mature, and there's no hardware support), you can try that instead. 有Web加密API(尚不成熟,并且没有硬件支持),您可以尝试使用它。 https://www.w3.org/TR/WebCryptoAPI/ https://www.w3.org/TR/WebCryptoAPI/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.