Weblogic ldap security realm source code..

Hi,
The LDAPv2 security realm that is provided with weblogic 6.1 is great but I
need to make several extensions to allow for the way our ldap tree is
structured. Is there any chance that I can get the source code from weblogic
so that I can extend it ?
thx,
B

What's the use of following if BEA start sending the code to the end users
* @author Copyright (c) 1998 by WebLogic, Inc. All Rights Reserved.
* @author Copyright (c) 1998-2001 by BEA Systems, Inc. All Rights Reserved.
-utpal
"Bidisha Das" <[email protected]> wrote in message
news:[email protected]..
Hi,
The LDAPv2 security realm that is provided with weblogic 6.1 is great butI
need to make several extensions to allow for the way our ldap tree is
structured. Is there any chance that I can get the source code fromweblogic
so that I can extend it ?
thx,
B

Similar Messages

LDAP Security Realm

Using Weblogic 7.0 I have an LDAP security realm setup with the LDAP URL admins
user name and password. I want to be able to interface this connection to access
the LDAP and make changes to user information within in the ldap. Right now in
my code I make a connection to the LDAP and supply the same user name and password
set up in the LDAP security realm. I want to be able to rather then re-supply
the URL and user name and password in my code I want to be able to just get that
(or create a connection simil;ar to a jdbc connection pool) connection to the
LDAP that configured in the Security Realm. Is this possible? And how would I
go about it if so?
Thanks
Sjb

the LDAPConnection pool which is used WLS Realm is not accessible to public
for programming.
thanks
kiran
"Sjb" <[email protected]> wrote in message
news:3f5744c1$[email protected]..
>
Using Weblogic 7.0 I have an LDAP security realm setup with the LDAP URLadmins
user name and password. I want to be able to interface this connection toaccess
the LDAP and make changes to user information within in the ldap. Rightnow in
my code I make a connection to the LDAP and supply the same user name andpassword
set up in the LDAP security realm. I want to be able to rather thenre-supply
the URL and user name and password in my code I want to be able to justget that
(or create a connection simil;ar to a jdbc connection pool) connection tothe
LDAP that configured in the Security Realm. Is this possible? And howwould I
go about it if so?
Thanks
Sjb

How to list all users present in Default Autheticator in WebLogic Security Realm

Hi All,
I need to get a list of all the users in my Weblogic server--> security realm--> Default Authenticator
There are more than 1000 users present in my security realm for different different Authentication Providers. So I can not get these details from WebLogic Admin Console.
Can anyone please help me in getting this list of all users in Default Authenticator? Please let me know how can I get these details.
My WebLogic version is 10.3.4.0
Thanks in Advance!

You can use JMX to list users
http://weblogic-wonders.com/weblogic/2010/11/10/list-users-and-groups-in-weblogic-using-jmx/

Novell ldap api source code

Where can I found the novell ldap api's source code?
It contains com.novell.ldap package and some other ones.
Thanks.

Look around on your hard drive for src.jar or src.zip.
Where it is varies depending on what version you have and how you installed it, but
C:\JDK1.4.2_01\src.zip
might help.

Exception while navigating security realms in WLST

The following WLST commands throw a ScriptException
cd('/')
cd('SecurityConfiguration/mydomain/weblogic.management.security.Realm')
ls() # output: drw- Security:Name=myrealm
debug()
cd('myrealm')
Output on WLST console:
wls:/DekaNet/config/SecurityConfiguration/mydomain/weblogic.management.security.Realm>
cd('myrealm')
cd : Browsing to myrealm from weblogic.management.security.Realm
cd : Handling commo instance with name myrealm
Traceback (innermost last):
File "<input>", line 1, in ?
File "<iostream>", line 82, in cd
WLSTException: 'Error occured while performing cd : Exception while handling security
instance.. Use dumpStack() to view the error stack trace'
wls:/DekaNet/config/SecurityConfiguration/DekaNet/weblogic.management.security.Realm>
dumpStack()
weblogic.management.scripting.ScriptException: Error occured while performing
cd : Attribute myrealm Not found. Use dumpStack() to view the error stack trace
at weblogic.management.scripting.ExceptionHandler.handleException(ExceptionHandler.java:24)
at weblogic.management.scripting.BrowseHandler.handleCommoType(BrowseHandler.java:1287)
at weblogic.management.scripting.BrowseHandler.regularPush(BrowseHandler.java:631)
at weblogic.management.scripting.BrowseHandler.cd(BrowseHandler.java:1607)
at weblogic.management.scripting.WLScriptContext.cd(WLScriptContext.java:348)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java)
at org.python.core.PyMethod.__call__(PyMethod.java)
at org.python.core.PyObject.__call__(PyObject.java)
at org.python.core.PyObject.invoke(PyObject.java)
at org.python.pycode._pyx0.cd$3(<iostream>:74)
at org.python.pycode._pyx0.call_function(<iostream>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyFunction.__call__(PyFunction.java)
at org.python.pycode._pyx15.f$0(<input>:1)
at org.python.pycode._pyx15.call_function(<input>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyCode.call(PyCode.java)
at org.python.core.Py.runCode(Py.java)
at org.python.core.Py.exec(Py.java)
at org.python.util.PythonInterpreter.exec(PythonInterpreter.java)
at org.python.util.InteractiveInterpreter.runcode(InteractiveInterpreter.java)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java)
at weblogic.WLST.main(WLST.java:101)
weblogic.management.scripting.ScriptException: Error occured while performing
cd : Attribute myrealm Not found. Use dumpStack() to view the error stack trace

Torsten,
You should do,
cd("Security:Name=myrealm")
Thanks,
-satya
Torsten Juergeleit wrote:
The following WLST commands throw a ScriptException
cd('/')
cd('SecurityConfiguration/mydomain/weblogic.management.security.Realm')
ls() # output: drw- Security:Name=myrealm
debug()
cd('myrealm')
Output on WLST console:
wls:/DekaNet/config/SecurityConfiguration/mydomain/weblogic.management.security.Realm>
cd('myrealm')
cd : Browsing to myrealm from weblogic.management.security.Realm
cd : Handling commo instance with name myrealm
Traceback (innermost last):
File "<input>", line 1, in ?
File "<iostream>", line 82, in cd
WLSTException: 'Error occured while performing cd : Exception while handling security
instance.. Use dumpStack() to view the error stack trace'
wls:/DekaNet/config/SecurityConfiguration/DekaNet/weblogic.management.security.Realm>
dumpStack()
weblogic.management.scripting.ScriptException: Error occured while performing
cd : Attribute myrealm Not found. Use dumpStack() to view the error stack trace
at weblogic.management.scripting.ExceptionHandler.handleException(ExceptionHandler.java:24)
at weblogic.management.scripting.BrowseHandler.handleCommoType(BrowseHandler.java:1287)
at weblogic.management.scripting.BrowseHandler.regularPush(BrowseHandler.java:631)
at weblogic.management.scripting.BrowseHandler.cd(BrowseHandler.java:1607)
at weblogic.management.scripting.WLScriptContext.cd(WLScriptContext.java:348)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java)
at org.python.core.PyMethod.__call__(PyMethod.java)
at org.python.core.PyObject.__call__(PyObject.java)
at org.python.core.PyObject.invoke(PyObject.java)
at org.python.pycode._pyx0.cd$3(<iostream>:74)
at org.python.pycode._pyx0.call_function(<iostream>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyFunction.__call__(PyFunction.java)
at org.python.pycode._pyx15.f$0(<input>:1)
at org.python.pycode._pyx15.call_function(<input>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyCode.call(PyCode.java)
at org.python.core.Py.runCode(Py.java)
at org.python.core.Py.exec(Py.java)
at org.python.util.PythonInterpreter.exec(PythonInterpreter.java)
at org.python.util.InteractiveInterpreter.runcode(InteractiveInterpreter.java)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java)
at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java)
at weblogic.WLST.main(WLST.java:101)
weblogic.management.scripting.ScriptException: Error occured while performing
cd : Attribute myrealm Not found. Use dumpStack() to view the error stack trace

How to protect source code

hai,
can u pls tell how to secure the java source code in the client place.is there any convesion method to secure the source code.

Pre-judging by the way the OP communicates here, it's probably a safe bet that his code is already cryptic enough - it's probably a mess that would be hard to follow.

Using LDAP as security realm

Hi,
Our goal is to use LDAP(Iplanet Directory Server 5.0) as a security Realm
for Weblogic Personalization and Commerce 3.5.
Using the WLCS console, I've modified the config.xml file and following
elements are added:
<LDAPRealm AuthProtocol='simple' Credential='admin'
GroupDN='ou=groups,dc=netnumina,dc=com' GroupIsContext='false'
GroupUsernameAttribute='uniquemember'
LDAPURL='ldap://sanand.netnumina.com:389' Name='wlcsLDAPRealm'
Principal='uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot'
UserAuthentication='local' UserDN='ou=people,dc=netnumina,dc=com'
UserNameAttribute='uid'/>
<CachingRealm BasicRealm='wlcsLDAPRealm' CacheCaseSensitive='true'
Name='wlcsCachingRealm'/>
But when we try to restart the WLCS, it throws java exceptions that context
is not initialized and I get the following error
<Jun 15, 2001 3:41:28 PM EDT> <Emergency> <Server> <Unable to initialize the
ser
ver: 'Fatal initialization exception
Throwable: weblogic.security.ldaprealm.LDAPException: could not get
context - wi
th nested exception:
[java.lang.reflect.InvocationTargetException - with target exception:
[javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credential
s]]]
weblogic.security.ldaprealm.LDAPException: could not get context - with
nested e
xception:
I tried using Windows NT as a security realm but that gave me errors too.
Does anyone has any experience using anything other than the default Realm?
Any help would be appreciated. Thanks!
Asim Raja
[email protected]

I'm not sure, but I suspect you can't
since this would create a circular dependency -
your realm would rely on the upper level security
checking calls but those calls would rely on your
realm.
My suggestion is to give it a try and see what
happens.
-Tom
Ozcan ADIYAMAN <[email protected]> wrote:
Hi ,
I am implementing a simple custom security realm using LDAP as the
security store and I can see the users, groups and acls from the admin
console.
My question is (a custom realm newbie question) ;
Is it possible to use weblogic.security.acl.Security with my custom
realm to check permissions, get the current user,etc.,
OR
is this class ONLY used with default realms (when ACL is stored in a
file) ?
Thanks
Ozcan

Unable to use a custom security realm with Netscape Directory Server in WebLogic 7

I have all users and groups stored in a Netscape LDAP server (version 4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic 7 (also run
on Solaris 8) which uses my LDAP server as the Authenticator. I tried this by
using the Admin Console and followed exactly the steps in Chapter 3 of the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged into the
Admin Console again and clicked the Users node under my custom realm, I saw this
message in the right-hand pane: "There are no Authentication providers available
that support the creation of Users". Also, I don't see my custom realm in the
dropdown list under mydomain -> Security tab -> General tab -> Default Realm.
What did I do wrong? Also, where does WebLogic store the custom security realm
info? It is definitely not in config.xml.
Thanks,
Eric Ma

Thanks for the info.
I wonder when they will fix it.
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
>
According to BEA Tech Support, a known bug prevents the WLS 7 AdminConsole from
displying users and groups defined in Netscape Directory Server.
Eric Ma
"Jakub Wroniszewski" <[email protected]> wrote:
I have the same problem.
Any new ideas?
Rgds,
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
Now I doubt my custom security realm is actually using the NetscapeDirectory Server
as the authenticator. Unlike in WebLogic 6.1 Admin Console, whereclicking on
the Users node displays all users in the LDAP server, in WebLogic 7I keep
getting
the message "There are no Authentication providers available that
support
the
creation of Users." Any suggestions?
"Eric Ma" <[email protected]> wrote:
Never mind. I tried again by following the steps outlined at
http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.deve
l
oper.interest.security&item=8463&utag=
and it seemed to have worked for me.
"Eric Ma" <[email protected]> wrote:
I have all users and groups stored in a Netscape LDAP server (version
4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic7
(also run
on Solaris 8) which uses my LDAP server as the Authenticator. I
tried
this by
using the Admin Console and followed exactly the steps in Chapter3
of
the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged
into the
Admin Console again and clicked the Users node under my custom realm,
I saw this
message in the right-hand pane: "There are no Authentication
providers
available
that support the creation of Users". Also, I don't see my customrealm
in the
dropdown list under mydomain -> Security tab -> General tab ->
Default
Realm.
What did I do wrong? Also, where does WebLogic store the customsecurity
realm
info? It is definitely not in config.xml.
Thanks,
Eric Ma

Authentication via weblogic security realm

          My servlet needs to access a session bean. The action in the session bean requires
          that a user has been authorized, i.e. at some point the session been calls
          String name = d_ctx.getCallerPrincipal().getName()
          This name may not be null at this time.
          What I would like to have is that the user executing the URL gets authenticated
          by my server realm 'myrealm' and that the associated prinicpal gets passed to
          the session bean. Is this possible. If so, how can the user pass along the username
          and password as this query is executed programmatically?
          markus


http://www.weblogic.com/docs51/classdocs/API_acl.html
Michael Girdley
BEA Systems Inc
"gennot" <[email protected]> wrote in message
news:[email protected]..
Could you send me the complete URL of these example, please?
Thanks
Enrico
Michael Girdley <[email protected]> wrote in message
39b87078$[email protected]..
The passing of the client's certificate should be automatic to WebLogic.We
have an example of getting the client side certificate from inside of
WebLogic in our documentation.
This does not require for SSL to be used from the Web server to
WebLogic.
>>
Thanks,
Michael
Michael Girdley
BEA Systems Inc
"Bob Simonoff" <[email protected]> wrote in message
news:[email protected]..
I have read through the docs and haven't found anything that would
address
the following confusion:
Suppose I want to use Apache or IPlanet as the webserver with WebLogicas
the back end application server (obviously). I have the need to use 2way
SSL authentication. As I understand it the following applies:
Client (browser) has a certificate as does the web server. Theyauthenticate
each other.
Now, the web server and weblogic need to communicate. WebLogic, in our
environment does authentication via the security realm.
What do I have to do to get the the web server (Apache or IPlanet) to
communicate the client's certificate to WebLogic so the WebLogic canperform
the authentication?
Does the communication between the web server and WebLogic also need
to
be
SSL?
Thanks
Bob Simonoff

Procedures/packages security. Hide source code?

Hi.
I was wondering if it is possible to hide the source code of a procedure for a user or avoid him to recreate it, but let him to execute it.
Im doing a sandbox procedure who edit and run an external job. It works fine but I see a bunch of security holes. If any DB user who can execute that procedure can edit it too, they could run any shell command by changing the external job attributes. I could use credentials (11.2.0.2) and somehow limit the system user to specific commands but I want to fix the security hole by limiting the DB user instead limiting system user.
This is the external job
BEGIN
DBMS_SCHEDULER.CREATE_JOB(
job_name => 'test',
job_type => 'EXECUTABLE',
job_action => '/bin/sh',
number_of_arguments => 2
DBMS_SCHEDULER.SET_JOB_ARGUMENT_VALUE (
job_name => 'test',
argument_position => 1,
argument_value => '-c'
DBMS_SCHEDULER.SET_JOB_ARGUMENT_VALUE (
job_name => 'test',
argument_position => 2,
argument_value => '/bin/date>>/tmp/date.log'
END;
/ And then, the procedure.
CREATE OR REPLACE PROCEDURE TEST_DATE_FILE ( new_file IN varchar2 )
IS BEGIN
DBMS_SCHEDULER.SET_JOB_ARGUMENT_VALUE (
job_name => 'test',
argument_position => 2,
argument_value => '/bin/date>>/tmp/' || new_file
DBMS_SCHEDULER.RUN_JOB(
job_name => 'test',
use_current_session => TRUE
END;
SQL> conn scott/tiger
Conectado.
SQL> exec TEST_DATE_FILE('newfile.log');
Procedimiento PL/SQL terminado correctamente.
SQL> CREATE OR REPLACE PROCEDURE SYS.TEST_DATE_FILE ( new_file IN varchar2 )
2 IS BEGIN
3 DBMS_SCHEDULER.SET_JOB_ARGUMENT_VALUE (
4 job_name => 'test',
5 argument_position => 2,
6 argument_value => '/bin/rm -rf /tmp/*'
7 );
8
9 DBMS_SCHEDULER.RUN_JOB(
10 job_name => 'test',
11 use_current_session => TRUE
12 );
13 END;
14 /
Procedimiento creado.
SQL> exec TEST_DATE_FILE ('');
Procedimiento PL/SQL terminado correctamente.
It is possible to hide the source code of the procedure who edits and run the external procedure?
There is any workaround or any idea of how can I prevent this?
Regards
Edited by: elvegaa_esp on 17-may-2012 2:41
Edited by: elvegaa_esp on 17-may-2012 2:43

ops$[email protected]> host wrap iname=test.sql oname=test_wrap.sql
PL/SQL Wrapper: Release 8.1.7.2.0 - Production on Mon Jan 07 12:44:21 2002
Copyright (c) Oracle Corporation 1993, 2000. All Rights Reserved.
Processing test.sql to test_wrap.sql
ops$[email protected]> @test_wrap.sql
ops$[email protected]> create or replace procedure p wrapped
2 0
3 abcd
4 abcd
5 abcd
6 abcd
7 abcd
8 abcd
9 abcd
10 abcd
11 abcd
12 abcd
13 abcd
14 abcd
15 abcd
16 abcd
17 abcd
18 3
19 7
20 8106000
21 1
22 4
23 0
24 4
25 2 :e:
26 1P:
27 1DBMS_OUTPUT:
28 1PUT_LINE:
29 1Hello world:
30 0
31
86 /
Procedure created.
and now you don't
ops$[email protected]> select text from user_source where name = 'P';
TEXT
procedure p wrapped
0
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
abcd
3
7
8106000
1
4
0
4
2 :e:
1P:
1DBMS_OUTPUT:
1PUT_LINE:
1Hello world:
0
ops$[email protected]>
Edited by: HuaMin Chen on May 29, 2012 11:26 AM

How to create default groups in Weblogic- Security Realms -- Groups

Hi Team,
Unfortunately I have deleted some default groups from Weblogic->Security Realms --> Groups. How to add the groups.
Regards,
Ravi.

Hi Ravi,
These are the defaults groups present inside Security Realms ,you can manually create them by
Going inside Security Realms-->Users and Groups-->Groups-->New
Administrators----Administrators can view and modify all resource attributes and start and stop servers-----------------------DefaultAuthenticator
Deployers---------Deployers can view all resource attributes and deploy applications.---------------------------------------------DefaultAuthenticator
Monitors-----------Monitors can view and modify all resource attributes and perform operations not restricted by roles.------DefaultAuthenticator
Operators---------Operators can view and modify all resource attributes and perform server lifecycle operations.-------------DefaultAuthenticator
Restart the Admin Server
Regards
FAbian

Save weblog with source code

Hi,
Does anyone an easy way of downloading weblogs with source codes?
If I select all/copy&paste into Microsoft Word 2000 (SP3), the source codes get this "nice" frame, where they are scrollable. When I save it and open it again, the source code is not scrollable, so I can only diplay the part of it:-(
Is there a way of avoid it from my side?
I know from the composer side it can be done, as foir example Sergei did in his weblog:
/people/sergey.korolev/blog/2005/03/14/the-time-for-me-to-have-a-badi-of-my-own
Or is it planned to change this annoying scrollable code frame?
Thanks,
Peter

Printing of Weblogs
Take a look at that thread for some possible help.
As for the "annoying scrollable code frame" well we've been doing it for awhile now and nobody has been complaining too loudly.
If the thought of everyone is to be rid of the textarea then I suppose I wouldn't have a problem using the styles instead.

BEA WebLogic 8.1 server not booting after adding a security realm

Hi,
I have added my own security realm for BEA WebLogic Server 8.1.
However, when I try to boot the server using this realm, it simply hangs. I cannot
take thread dumps as the server java process does not respond to "kill -3 PID"
(after the server has hung).
When I looked at the server log file, I observed that the server had hung after
initializing the IIOP subsystem.
I have attached herewith the following 3 files:
1. config.xml (the server config file after adding entry for my security realm)
2. default_realm.log (the server log file when booted through the default realm)
3. netpoint_realm.log (the server log file when booted through my realm).
Is there any way, I can debug where the server is exactly hanging?
Thanks and Regards,
Abhinay
[BEA_Files.zip]

is it admin server or Managed server which isnot starting?
Mir

OWSM security for a OSB service- authenticate from weblogic security realms

Hello,
I have a requirement to add security to a OSB service.
The user details are configured in weblogic security realms. lets say there are ten different users.
I need to protect my osb service using OWSM policy & the policy should be configured to authenticate the user from realms.
I am new to OWSM & wondering if this is possible?
Can the experts please direct me to any docs or steps?
Thanks
Ganesh

Hi,
Thanks for the links.
I followed the blog and configured it using oracle/wss_username_token_service_policy.
Now my requirement is to send the username,password from proxy to business and to the BPEL. (the bpel needs this username /password & and in header)
The issue I am facing is the proxy service is not sending the soap header details to business service.
I dont want to make the proxy as passthrough. (ie set Process WS-Security Header to NO)
I have to authorize on proxy level and then send the same credential details to business service?
So the question is, how can I retrieve the header after osb process it?
Can anyone please help me here?
Thanks
Ganesh

Jars and .class files - security of the source code

Hi,
I have an app that is in a jar file with the .class files (so no source code).
I'm wondering how difficult it is to attain the source code from these .class files in my jar? Looking through the contents of the .class files it seems there is a large amount of readable text. For example I see method names, variables, etc.
This leads me to believe these jars are not secure. What is a better way?
Thanks!
Edit:
Looking around, I've noticed many java decompilers and Sun even supports a dissembler - javap. I think this is not cool, haha.
What way can I protect my code? To me, the value of java just went way down due to the ease at attaining source code (based on what I read in the past hour or so. I have yet to try it myself). I wonder if this impacts companies reasons not to use java?
Edit 2:
I heard that there may be a way to make the jar closed, so you can't say, use winrar, to extract the class files. Does anyone know anything about this?
Message was edited by:
dayrinni
Message was edited by:
dayrinni

Hi,
I have an app that is in a jar file with the .class
files (so no source code).
I'm wondering how difficult it is to attain the
source code from these .class files in my jar?
Looking through the contents of the .class files it
seems there is a large amount of readable text. For
example I see method names, variables, etc.
This leads me to believe these jars are not secure.
What is a better way?
Thanks!
Edit:
Looking around, I've noticed many java decompilers
and Sun even supports a dissembler - javap. I think
this is not cool, haha.
What way can I protect my code? To me, the value of
java just went way down due to the ease at attaining
source code (based on what I read in the past hour or
so. I have yet to try it myself). I wonder if this
impacts companies reasons not to use java?All intellectual property stored in electronic form is vulnerable. Not just Java bytecode. You can use tools called obfuscators to make decompiling more difficult, which is usually good enough. The truth is, no matter how great you think your code is, it's of a lot less interest to others than you actually think. Unless you've got a particularly sexy argorithm or something, it's not really worth worrying too much about
All you can do is make it more difficult for people to crack things, never prevent it. True of all languages, all electronic media

Weblogic ldap security realm source code..

Similar Messages

Maybe you are looking for