Protecting Java jar Files for Distribution

Running your application through an obfuscator makes reverse engineering more difficult and costly.

Take a look at the Java Service Wrapper for a relatively easy way to install and run your java app as a service on multiple platforms.


As others have said, you can obfuscate your code. That will make reverse engineering non-trivial. You could also compile your Java to native code using (for example) GCJ. That will make reverse engineering harder, but it will also mean that you have to create different distribution bundles for each supported hardware/OS platform.

I understand that distributing a .jar file is highly insecure.

You have to understand that if you distribute software in any form to run on a platform that you don't fully control, then there is nothing technical that you can do to prevent reverse engineering. Nothing.

Ultimately, you have to trade off the benefits of distributing your software versus the risks of someone reverse engineering it. One approach people take is to figure out if the benefits outweigh the risks * costs, and use legal safeguards (e.g. appropriate software licenses) to deter reverse engineering. The other approach is to say "good luck to you" to potential reverse engineers and make your money by offering services rather than software licenses.


You can scramble / obfuscate your bytecode with yGuard or other java-bytecode-obfuscators.

Operating System independent distribution can be difficult. IMHO the best solution is a normal archive containing several scripts (.bat/.cmd for windows, .sh for linux / OSX)for the program-start under the Operating Systems the program supports.

Running a java-program as service can be even more difficult: It's easy under Linux, where you just have to write a proper startup-script to run it in the background. I know that FireDaemon has problems running java-programs as service, so it might be difficult (or impossible) to run it as service on Windows. Sorry, but I've no idea about MacOS X. Could be as easy as Linux, could be as impossible as Windows.