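Obfuscating a GWT web application with ProGuard

Time: 2011-02-01 12:02:32

Tags: java gwt obfuscation vaadin proguard

I'm trying to obfuscate my GWT (Vaadin) application using Proguard. I have never obfuscated Java code before, and this is my first attempt at using Proguard.

My configuration file is set up as follows: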

-libraryjars JAVA_HOME\rt.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\appfoundation.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\blackboard-2.1.1.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\cssinject-0.9.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\eclipselink.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\eclipselink-jpa-modelgen_2.0.2.v20100323-r6872.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\gwt-visualization.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\iText-5.0.4.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\javax.persistence_1.0.0.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\javax.persistence_2.0.0.v201002051058.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\vaadin-6.4.4.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\vaadin-calendar-0.5.1.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\vaadin-chameleon-theme-1.0.1.jar
-libraryjars MYPATH\test\WebContent\WEB-INF\lib\VisualizationsForVaadin.jar
-libraryjars "C:\Program Files\eclipse\configuration\com.vaadin.integration.eclipse\download\gwt-dev\2.0.3\gwt-dev.jar"
-libraryjars "C:\Program Files\eclipse\configuration\com.vaadin.integration.eclipse\download\gwt-user\2.0.3\gwt-user.jar"
-injars   test.war
-outjar   test_after.war
-printseeds
-ignorewarnings
-keep public class TestApplication extends com.vaadin.Application {
public void init();
} 

I then run it with the proguard command:

java -jar proguard.jar @test.pro

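I don't get any errors from the configuration file, but I do get a lot of warnings. The output file is created, but I'm concerned about the warnings. Do I need to specify more jar files in my configuration file? I have listed all the jars that I use in my application. Is there anything else I'm doing wrong?

Below are the last 20 lines of the clipped command-line output.

Thanks in advance

S.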

      Maybe this is library method 'sun.jdbc.odbc.JdbcOdbcStatement { java.sql.Connection getConnection(); }'
      Maybe this is library method 'sun.jdbc.odbc.ee.CommonDataSource { java.sql.Connection getConnection(); }'
      Maybe this is library method 'sun.jdbc.odbc.ee.ConnectionPoolDataSource {java.sql.Connection getConnection(); }'
      Maybe this is library method 'sun.jdbc.odbc.ee.DataSource { java.sql.Connection getConnection(); }'
      Maybe this is library method 'sun.jdbc.odbc.ee.PooledConnection { java.sql.Connection getConnection(); }'
      Maybe this is library method 'sun.rmi.transport.StreamRemoteCall { sun.rmi.transport.Connection getConnection(); }'
Note: org.eclipse.persistence.sdo.helper.DynamicClassWriter accesses a declared method 'writeReplace()' dynamically
      Maybe this is program method 'org.eclipse.persistence.sdo.SDODataObject {java.lang.Object writeReplace(); }'
      Maybe this is program method 'org.eclipse.persistence.sdo.helper.ListWrapper { java.lang.Object writeReplace(); }'
      Maybe this is library method 'com.sun.corba.se.impl.presentation.rmi.InvocationHandlerFactoryImpl$CustomCompositeInvocationHandlerImpl { 
Note: there were 4 unresolved dynamic references to classes or interfaces.
      You should check if you need to specify additional program jars.
Note: there were 10 accesses to class members by means of introspection.
      You should consider explicitly keeping the mentioned class members
      (using '-keep' or '-keepclassmembers').
Warning: there were 3649 unresolved references to classes or interfaces.
         You may need to specify additional library jars (using '-libraryjars').

Warning: there were 173 unresolved references to program class members.
         Your input classes appear to be inconsistent.
         You may need to recompile them and try again.
         Alternatively, you may have to specify the option
         '-dontskipnonpubliclibraryclassmembers'.

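1 answer:

Answer 0: (score: 2)

GWT generates code in two parts.

  1. Client-side code. This is what runs in your browser and includes the user interface and any asynchronous calls to the server. When you write your Java source code, it is translated directly from source to JavaScript, i.e. the GWT compiler doesn't even look at class files. To obfuscate the generated JS, use the GWT compiler flags (see below).
  2. Server-side code. The server code will be the endpoint that the client application calls, e.g. you might make a GWT RPC call and have a GWT servlet as the endpoint. Obfuscate your web application like you would any other: through Proguard or similar, by trial and error. Start with a simple configuration that obfuscates lightly, and go from there.

Since the GWT client is generated from Java source, there is no easy way to obfuscate it before giving it to GWT. I suppose you could somehow obfuscate through Proguard, then decompile that and feed it to the GWT compiler. That seems a bit overkill, but it's possible.

The usual way to obfuscate is to specify -style OBF to the GWT compiler. This will thoroughly obfuscate your code. You could go further and run it through another JS obfuscator, though the law of diminishing returns, bugs, etc. apply.

I'd suggest you look at what is generated when you supply OBF as the style. It may be enough for your needs. Obviously, the more you put on the server side (e.g. security, cookie validation, etc.), the less code there is in the client.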
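The ProGuard output in the question advises keeping the class members it reports as accessed by introspection. The following is an added example, not code from the question or the answer: it turns those "accesses a declared method ... dynamically" notes into candidate -keepclassmembers rules for review. The function name keep_rules and the regular expressions are assumptions based only on the note format visible in the quoted output.

```python
import re

# ProGuard output lines copied from the question. The first candidate line has
# lost its "Note:" header because the output was clipped to the last 20 lines.
SAMPLE = """\
      Maybe this is library method 'sun.rmi.transport.StreamRemoteCall { sun.rmi.transport.Connection getConnection(); }'
Note: org.eclipse.persistence.sdo.helper.DynamicClassWriter accesses a declared method 'writeReplace()' dynamically
      Maybe this is program method 'org.eclipse.persistence.sdo.SDODataObject {java.lang.Object writeReplace(); }'
      Maybe this is program method 'org.eclipse.persistence.sdo.helper.ListWrapper { java.lang.Object writeReplace(); }'
Note: there were 10 accesses to class members by means of introspection.
"""

# Only the note form that appears in the question is matched (assumption).
NOTE_RE = re.compile(r"^Note: (\S+) accesses a declared method '[^']+' dynamically")
CAND_RE = re.compile(
    r"^\s+Maybe this is (program|library) method '([\w.$]+)\s*\{\s*(.+?)\s*\}'")


def keep_rules(log_text):
    """Map candidate -keepclassmembers rules to the classes that access the
    member reflectively. Library members are skipped: ProGuard does not rename
    them. Candidates with no visible Note header and truncated lines are ignored."""
    rules = {}
    accessor = None
    for line in log_text.splitlines():
        note = NOTE_RE.match(line)
        if note:
            accessor = note.group(1)
            continue
        cand = CAND_RE.match(line)
        if not cand:
            if not line.startswith(" "):
                accessor = None  # any other top-level line ends the note
            continue
        kind, cls, member = cand.groups()
        if kind != "program" or accessor is None:
            continue
        rule = "-keepclassmembers class %s { %s }" % (cls, member)
        rules.setdefault(rule, []).append(accessor)
    return rules


if __name__ == "__main__":
    for rule, accessors in keep_rules(SAMPLE).items():
        print("# accessed reflectively by " + ", ".join(accessors))
        print(rule)
```

The generated rules are candidates only: each one should be checked against what the accessing class actually does before it goes into the configuration file.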