Loading...
Important Notice - Forums is archived

To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.

Product icon
TUTORIAL

Vaadin lets you build secure, UX-first PWAs entirely in Java.
Free ebook & tutorial.

WAR Obfuscation / Code Protection

Mic Math
4 years ago Jul 19, 2018 10:12pm
Tatu Lund
4 years ago Jul 20, 2018 3:42pm

Generally, this is not about Vaadin, but Java run environment. Attempt to obfuscate or encrypt Java bytecode is really extreme measure. My assumption is that almost nobody does it, since typically there are enough roadblocks before getting access to WAR file in production and there is performance impacts etc. In theory obfuscating or encrypting Java classes is possible. That will require writing custom class loader (which is not straightforward) or use 3rd party implementation (if you dare), doing rigorous testing that your custom class loader is no worse than standard one, etc. And if that attempt is successful, Vaadin will know nothing about it, it will just run in that environment normally.

https://stackoverflow.com/questions/4257027/how-can-you-protect-encrypt-your-java-classes

https://www.owasp.org/index.php/Bytecode_obfuscation

Mic Math
4 years ago Jul 20, 2018 4:36pm
Tatu Lund
4 years ago Jul 20, 2018 4:49pm