Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am looking to load a JAR at runtime but want loading to fail if the JARs aren’t either signed nor sealed. I know that Java JCE has this capability when loading new crypto algorithms. Do any of the plugin frameworks already support this functionality? Otherwise, what is the best approach?
OSGi has a well defined and logical security model for loading signed jars (dunno about sealed). Although OSGi is a lot more than just a plugin framework, so you’ll find you need a lot of refactoring work.
Well worth the effort tho 🙂