security - protect Java Application by licence or key -


i want make desktop application runs on machines have key or licence. how can achieved?

this depends entirely on how secure want make it...

the problem java can reverse compile it. if wanted to, download software, reverse compile it, , remove whatever security have put in place (and redistribute if wanted).

this problem if plan on going mass market , selling , piracy problem though.

if you're not concerned this, can either go online, or offline checking.

the company work uses online method; there few steps:

edit: i've since changed how works, old way maintenance nightmare.

  1. a license file
    • (this can contain whatever want in reality, has unique per user. people go general garb;
    • name
    • company
    • email
    • and key. i.e. jdu8-ajs9-88df-sasf-asf9 kind of thing see.
  2. the program generates hash license file.
    1. put data license file string
    2. pass string hashing function this page can show how.
  3. have program check online (on server). data gets encoded in html request (post/get/json/whatever want) , submitted licence verification page, verifies data. included in data randomly generated string, used verification page generate password. returned program, has used random string generate it's own password. if 2 match, program starts up.

to generate keys, use same hasing function, , upload hash server.

if want offline, include hashes in code guess, , check against them there.

i should point out however, i'm not security expert means, develop company portion of phd , how did it.

edit: image might helpful:

enter image description here

second edit:

i have included "offline verification" in process. it's not offline verification, uses user proxy - need access internet way.

it works this:

  1. no internet connection found: supply user 4 digit code
  2. user goes offline verification page (optimised mobile use too)
  3. user selects software use dropdown list
  4. user enteres username (this field remembers entries)
  5. user enters code program gave them , submits
  6. webpage provides 4 digit code, enter program, , starts.
  7. program adds special data licence file meaning process won't need repeated next week/month/however long.

every time program succesfully verifies online, adds offline access password licence file, means it's robust against temporary internet downtime, , stop working if internet down more week/month/however long it's set work for.


Comments

Post a Comment

Popular posts from this blog

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more

php - Controller/JToolBar not working in Joomla 2.5 -

relevant code: jtoolbarhelper::custom('savecategories', 'save', '', 'save', false, false); ... <input type="hidden" name="controller" value="easyblogcontroller"> according can dig docs , own previous questions, should call savecategories() function in easyblogcontroller . i've tried setting value easyblog , easyblog.php (file name) current easyblogcontroller (class name). clicking on save button refreshes page. not redirect, echo or var_dump test code put in savecategories() function. var_dump ing jrequest::getvar('controller') , 'task' return correct values. creating controller object , using $controller->execute('task'); works. the values going depend on location of controller trying call, , have couple options here. typically there controller in base folder of component (likely components/com_easyblog) in file called controller.php , class name inside ...
Read more