[jboss-user] [JBoss Microcontainer] - Re: Custom ClassLoader
Irfan Basha
do-not-reply at jboss.com
Wed Mar 27 03:42:25 EDT 2013
Irfan Basha [https://community.jboss.org/people/irbash] created the discussion
"Re: Custom ClassLoader"
To view the discussion, visit: https://community.jboss.org/message/804978#804978
--------------------------------------------------------------
The translator is different from classloader:
If I use translator, I pass the encrypted bytecode to the translator and the translator decrypts it and sends back the actual bytecode. So once the translator decrypts it, the actual bytecode can be obtained easily. If anyone wants to get the actual bytecode, he/she can just get it from translator.
If I use classloader (provided by the third party security company, which decrypts the bytecode only if a hardware dongle is available), I just pass the classname to the ClassLoader and it returns me the Class after loading it. So with the Class, one cannot get the bytecode (at least thats what I believe). This secure ClassLoader somehow loads the class without calling the java.lang.ClassLoader, and the classloader itself is encrypted so it is pretty much safe. (I tested this by changing the code of java.lang.ClassLoader in rt.jar... surprisingly this secure classloader doesn't call the java.lang.ClassLoader... )
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/804978#804978]
Start a new discussion in JBoss Microcontainer at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2114]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20130327/61779a83/attachment-0001.html
More information about the jboss-user
mailing list