Keeping my applet from being downloaded
Hello. I have a question. In order to put an applet in my web page, I have to link to my applet. This works great for normal people viewing my page, and they can use my applet just fine. However, I don't like the idea of people being able to look at the source code, get the link to the applet location, enter it into their browser, and then download my jar file because then they can hack into the jar, decompile, and steal my code (not that it is worth stealing, but still). How can I keep people from being able to download my jar file? My guess is to have the applet some kind of folder options that only allow web-server be able to access it if that is possible. I tried messing with the folder security settings but either the jar was still able to downloaded by entering the link in the browser, or the jar file wasn't able to be read by the web-server. Please help me out. Thank you.
Applets run client-side, so you have no choice but for it to be available. Any intellectual property that is made available is vulnerable. It's not limited to Java, or even to software
Code obfuscators can help. But that would only rename the methods and fields and stuff, such that it makes the decompiled code hard to read. Anyone determined enough would figure it out.
But you should honestly ask yourself one question: Would someone really bother? Cuz it many cases, the answer is no. Except maybe for learning reasons, and not so much for theft.
Of course, certainly hackers could look for vulnerabilities in your website via your applet code, depending on what your applet does. Which is probably why most banks don't provide applet interfaces to their systems. But then again, a properly secure system would be able to publish the applet code without fear of it being hacked into.
You should absolutely not include the source itself in the compiled jar file. But otherwise, you can't hide the jar files or class files... Unless you don't want people to see the applet... in which case, don't waste time creating said applet in the first place and go fishing instead.
