On Thu, Nov 11, 2004 at 03:08:43PM +0800, Koon Yue Lam wrote: : Now I DON'T want my client browse my JSPs, servlets and database : structure etc ...... : : I want the entire webapp (and database) deployed only by me and not by others. : : Is there any methods that I can secure my webapp to ensure my client : won't deploy it to somewhere else by someone else??
Are you giving the finished product (say, a WAR file) to the client? Then there's not a lot you can do from a technology standpoint. You could precompile your JSPs, remove them from the WAR, then obfuscate all of the classes; but the database schema will still be wide-open for viewing if it is setup on one of the client's servers. You do have some legal options, though. Consult with an attorney, have them draft a contract -- essentially, a license agreement -- for the clients to sign *before* you deliver the product. Make sure it is clearly stated what the clients can do with the product, and what are the penalties if anyone goes outside of the lines. (The "don't reverse-engineer this product" clause has been standard in software for quite a while.) You'd have a hell of a time catching someone in the act, this is true; but this is a risk you take when the software will be run outside of your control. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]