Menu
I've written a Java Applet and run it from my website.
In the long-term I plan to charge money per use of this applet.
The question is, is it possible to prevent users of downloading my code (i.e. my jar file) and then running it from their home, without paying?
(In this I don't mean decompile - I use obfuscator. I mean someone can use it easily without even decompiling it or understand it's code...)
I thought about using a changing password which the server sends to the applet using the HTML, but I thought - maybe someone knows a standard way of achieving my goal instead of reinventing the wheel??
Thanks..
589
There are several ways you can do this.
You can put code like this at the beginning of the applet's init method, assuming it creates some components:
if (!getDocumentBase().getHost().equals("yourhost.com")) {
JOptionPane.showMessageDialog(this, "You can't download it");
return;
}
Of course, you have to change yourhost.com to your actual website.
You can put all of your code on the server. For this, I will assume that your applet computes the cube of an integer.
Then the code looks like this for your applet:
public class CubingApplet extends JApplet {
private JTextField intField = new JTextField(3);
private JLabel output = new JLabel();
public void init() {
setLayout(new GridLayout(2, 2));
add(new JLabel("Enter an integer: "));
add(intField);
add(new JLabel("The cube of that is: ");
add(output);
intField.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
output.setText("" + getCube());
}
};
}
private int getCube() {
try {
int n = Integer.parseInt(intField.getText());
InputStream response = new URL("http://www.yourhost.com/dosomething.php?n=" + n).openStream();
String sResponse = new BufferedReader(new InputStreamReader(response)).readLine();
return Integer.parseInt(sResponse);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
I must stop writing this right now, but I will add server-side code at the earliest opportunity.
By the way, even if you obfuscate, and it can't be decompiled, it is possible to recognize what these kinds of protection schemes look like, and remove them. So any protection scheme you devise can be short-circuited, because no obfuscation is bulletproof.
156
If the user's computer does all of the work of the applet, then it is impossible to prevent them from downloading a copy of the code. The browser has to download the code in order to run it; all the user needs to do is tell the browser to save the file or to use another program that will. The only way to prevent the user from being able to use the applet offline is with DRM. Perhaps you can include a check to your servers to ensure that the usage is valid; while the program is free the usage would always be valid but later you could verify it online. This is vulnerable to decompilation and modification to remove the DRM. Another option is to do some of the computation on your server, using code that is never exposed, but this of course has the downside of requiring you to maintain servers to do the calculations, which can be expensive.
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
