如何创建安全的许可Java EE应用程序？ [英] How to create a secure licensed Java EE application?

问题描述

我们正在开发一个由客户选择的任何数据库支持的Java EE应用程序。

We are developing a Java EE application backed by any database of customer choice.

我们将根据用户许可证价格向客户销售。我如何确定应用程序是否按照我们的条件使用，即不易破解？有没有可用的教程？

We will sell to customers based on per user license price. How do I make sure, the application is getting used as per our conditions, i.e., not easily hackable? Are there any tutorials available?

推荐答案

Bill Karwin的回答是评论中提到的问题中最有用的答案。假设你将继续采用保护方案，尽量做到最低限度。任何其他事情往往会极大地挫败用户并导致较低的重复业务和/或增加了破解您令人沮丧的系统的愿望。

Bill Karwin's answer was the most useful of the answers from the question mentioned in the comments. Assuming that you will go ahead with a "protection" scheme, try to do the bare minimum. Anything else tends to frustrate users immensely and leads to lower repeat business and/or an increased desire to hack around your frustrating system.

从您的问题来看，很难判断每个用户都将安装该应用程序。如果是这样，您可能只需要一个他们必须以某种方式联系您的许可证代码。如果它是客户端 - 服务器的东西，那么你的选择更加有限;事实上，我无法想到我曾经设计过的单一解决方案，或者在实践中遇到的并非大量令人沮丧的解决方案。您可能也可以在此处执行许可证代码解决方案，但许可证代码会以某种方式携带指示其付费用户数量的有效负载，然后禁止创建/使用超过该数量的用户。不过，在那一点上，你真的走的是我提到的挫折线。

From your question, it's tough to tell if each user will install the application. If so, you probably just need to require a license code that they must contact you in some way to get. If it's a client-server thing, then your options are a lot more limited; in fact, I can't think of a single solution I've ever designed in my head or come across in practice that isn't massively frustrating. You could probably do a license code solution here, too, except the license code would somehow carry a payload that indicated the number of users they paid for and then disallow the creation/use of users in excess of that number. At that point, though, you're really walking that frustration line I mentioned.

这篇关于如何创建安全的许可Java EE应用程序？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！