| How to authenticate contributing extension [message #604712] |
Wed, 17 February 2010 09:11  |
 Dave Meurer
Messages: 2
Registered: February 2010 |
Junior Member |
|
|
Hello,
I'm trying to find approaches to protecting the contributing extension I've created, so that it can not be spoofed or overridden. In this instance, I am building a licensing contributing architecture where my company needs to be the only one who can contribute extensions to the plug-ins. I'm trying to prevent someone from overriding the licensing mechanism to always return true when a license is requested - but, my company can have different licensing adapters, hence the need to have a contributing architecture.
I've looked around and found articles/forums on digitally signing jars, etc, but I can't find examples or discussions on how to verify that an extension is signed when getting the instance.
Are there better ways to guarantee that the contributing extension is authentic?
Kind regards,
Dave
|
|
|
] 
Search
Help
Register
Login
Home
