Background: If you want to gíve customers your application (e.g. for a demo, proof-of-concept, discussion) you habe to include source code, everybody can see as plain text. If one of your customer has evil intensions he can look at all interna of your application, e.g. XSL-stylesheets, SVG data, the sitemap or XML files with private data.
Idea: Protect some files from read directly from the file system. When running Cocoon, it should decrypt those files without having to change any code of the Java apps (Cocoon, Tomcat, Jetty, whatever). Solution: To do so, you can replace the java.io.FileInputStream class with one you can easily extend. E.g. via looking for the file extension and if it's ".xmap" decrypt the file. You can easily crypt those files before building the demo. The problem is that java.io.FileInputStream uses native methods so that you cannot change the file directly. But you can write your own WrappedFileInputStream which uses it's own native methods. The shared library acts like a wrapper, so calling "WrappedFileInputStream.open()" will forward the call to "FileInputStream.open()". If you've done that, your own FileInputStream can extend WrappedFileInputStream and decrypt files as needed. You can then use -Xbootclasspath to replace the JDK's FileInputStream with your version. I've done so with Jetty, Cocoon, J2SE 1.4.2 on Win32 and it worked. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]