My company is has developed and is now marketing/selling a line-of-business TSP/Tomcat application which we sell to corporate customers to runs on their servers in their intranets.
It's suddenly become clear to my company that when we deploy a WAR on a customers' site, the source code is completely visible to anyone who has access to the server's drives, and this is belatedly causing some concern. Obviously there are clauses in our license that formally protect our intellectual property and at a corporate level we are relaxed, but my boss is quite concerned about the delinquent administrator who simply downloads & walks away with the code. Is there any way in which the deployed WAR file, and all the files that explode out of it, can be hidden/encrypted/protected on the server, while still allowing them to be executed by Tomcat? The app is almost completely JSP/Struts, there is hardly any HTML at all (if any in fact). Tom Burke
