We are using Install4J v9 and our application needs to run as a Windows service. When we have installed the application as a Windows service, we have the original jar file myApp.jar and the service wrapper myApp.exe (which is running our jar file as a service) in the installation directory.
How can we ensure that our jar myApp.jar file is called by the service wrapper myApp.exe and not a substituted, fraudulent jar file?
I am wondering if jar signing would work, but how could install4j validate this signature?
install4j has no functionality to validate signatures of JAR files for inclusion in the classpath.
However, if an attacker can modify your JAR file, they can also modify your .exe file, so adding protection to the .exe against modification of the JAR file would not make anything safer.
Related
I am currently working on turning my java application into a windows installer, converting the .jar into and .exe file.
Have chosen Install4J because of the ability to bundle JDK with the application, as well as recognizing previous installations when deploying updates.
Only problem I have, is the fact that the jar file for the application, is saved in the installation directory as well.
Does anyone know how to fix this? I don't want the original jar file in the directory, just the converted exe file.
The .exe file is just a launcher for the JVM, it does not contain natively compiled Java code.
The best way to protect your code is to use an obfuscator like ProGuard.
I have 'generated launcher' which executes my java application - aplication is in jar package.
Is there any way how to include jar into generated EXE file(launcher)? Customer wants to have only exe file, not jar in installed folder. Is there any way how to do it?
There is no way to do that with install4j. You can do it with exe4j, by using the "JAR in EXE" mode and add the generated executable to the distribution tree instead of using the generated launcher. This only works for Windows, though.
My question is the same as like below.
(Jboss version 5.0, in case it matters.)
I have a library in one of my web applications that needs to be configured with a machine-specific license before use. I don't want to put this library in shared/lib because at some point I may want to run multiple web applications with different versions of the library.
Right now the .jar files are stored in WEB-INF/lib. Thus, when I build the .war file and upload it to the server, the .jar file would still be the one bound to my PC. I would like to put a bash script somewhere in the webapp that Tomcat would automatically run when deploying the .war file - this script would then run the configuration script and bind the server's license file to the .jar. Is this possible? Is there a nicer way of doing what I want?
one thing is different. my jar should run with other process Id. that means it has to run as standalone separated by jboss. Even if this
String command = "cmd /C java -jar C:\\test\\WEB-INF\\lib\\teststart.jar";
oProcess = new ProcessBuilder(command).start();
works, I will be happy. that jar is runnable jar.
Do you have Any idea? Thanks..
What about something like ServletContextListener?
Create a class that implements this and in the contextInitialized method (contextInitialized will run during war deployment) create a ProcessBuilder to run your bash command.
I have got an ear file to deploy on WAS. In the ear file, I see the war file, the jar files and other static stuff. But I also see files like variales.xml,security.xml and deployment.xml although the ant build script did not generate these files.
Where did these extra files come from? What purpose do they serve?
These files are part of a feature known as Enhanced EARs. See the WebSphere Application Server V7: Packaging Applications for Deployment redbook for more information. In short, application-specific configuration can be included in the application to minimize the per-server configuration that an administrator must perform when installing an application.
I'm new to install4j.
So I hope this question is easy to answer and not obvios.
I involved to an Java-development-project.
We decided to use install4j to create a nice installer for our customers.
Now i've got an install4j license and testing to create an installer.
I Use the install4j Launcher Wizard to make a .exe file out of my .jar file.
Now the Problem: If I remove the .jar file from the installer, the .exe file doesn't work anymore.
So the question: Is it possible to deploy with install4j an .exe file without the .jar file ?
WebStart is not an option in this project.
The .exe is just a launcher to start the JVM. Your Java code is not compiled into native code by install4j. If you want to protect your code, you have to use an obfuscator, for example yguard.
I think install4j can package the Jar inside the executable, as shown in this blog post:
http://blog.ej-technologies.com/2010/12/my-first-try-with-install4j-tutorial.html