堆栈内存溢出
  简体   繁体   English

从URL加载jar

[英]Load jar from URL

 原文  2011-06-26 02:53:33       java/ security/ url/ jar

问题描述

I've been searching for days but I have not found a clear answer. 我一直在寻找几天,但没有找到明确的答案。 How would I go about writing a small jar file to give to my users that simply gets a jar file from a URL (with multiple classes in it) and run it. 我将如何编写一个小的jar文件以提供给我的用户,该文件只是从URL(其中包含多个类)获取jar文件并运行它。 It would be great if the end user never actually has the jar on his computer at anytime. 如果最终用户从来没有真正在任何时候在计算机上安装jar,那就太好了。 I am doing this as a small security measure. 我将其作为一项小的安全措施。

3 个解决方案

解决方案1
 0  2011-06-26 03:11:35

If the user is going to execute your code, it must exist on their computer. 如果用户要执行您​​的代码,则该代码必须存在于他们的计算机上。 It's just the way it works. 这就是它的工作方式。

If you wanted to re-write your code to perform most of the work on your servers, that'd be one mechanism to combat piracy, but it does mean that you need to duplicate all the input verification checks: perform them once on the client side, for reasonable response time, and again on your own servers, to ensure that your users aren't trying to use your services improperly. 如果您想重新编写代码以在服务器上执行大部分工作,那将是打击盗版的一种机制,但这确实意味着您需要重复所有输入验证检查:在客户端上执行一次方面,以确保合理的响应时间,并在您自己的服务器上,以确保您的用户不会试图不当使用您的服务。

Another mechanism would be to run a VNC server on your servers, and ask your users to VNC in. The software executes completely on your servers. 另一种机制是在服务器上运行VNC服务器,并要求用户输入VNC。该软件在您的服务器上完全执行。 It is a draconian step though, one your users will likely detest. 但是,这是一个严苛的步骤,您的用户可能会讨厌。

解决方案2
 0  2011-06-26 03:23:36

I am not sure how you'd go about it, but I know that using Maven allows you to access things without having the jar locally. 我不确定您会怎么做,但是我知道使用Maven可以使您无需在本地使用jar即可访问事物。 You can just specify the URL. 您可以仅指定URL。 So maybe look into how they do their repositories. 因此,也许研究一下他们如何存储库。

解决方案3
 0  2011-06-26 03:29:27

Another option would be to encrypt your JAR file and write a custom class loader that decrypts it on the fly on client machines. 另一种选择是对您的JAR文件进行加密,然后编写一个自定义的类加载器,以在客户端计算机上对其进行动态解密。 This won't prevent a power user from attaching a debugger to the JVM and examining your byte code, but it prevents the typical user from having access to your code. 这不会阻止高级用户将调试器附加到JVM并检查您的字节码,但是会阻止普通用户访问您的代码。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从Jar中加载ZUL - Load ZUL from Jar 从 jar 加载库 - Load library from jar 从 jar 加载资源 - Load resources from a jar 从罐子中加载文件夹 - load a folder from a jar 从jar加载一个类 - Load a class from a jar 无法从我的jar中加载jar:NoClassDefFoundError - Unable load jar from my jar: NoClassDefFoundError JMeter-使用jar输出的URL加载测试 - JMeter - Use jar output for URL to load test 动态将jar文件加载到ClassPath-HTTPS url? - Load jar file dynamically to ClassPath - HTTPS url ? 使用JavaFx WebEngine加载本地文件并将参数添加到url。 从jar执行程序时不起作用 - Using JavaFx WebEngine to load a local file and adding parameters to the url. Not working when executing program from jar 从 Jar 中的资源加载 Java - Java Load From Reasource In Jar
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM