Protect Spring Boot Applications

Video Tutorial

▶️ https://www.youtube.com/watch?v=FKqruAJAJFw

Download

Visit https://protector4j.com/download to download the latest version.

Installation

Windows and Linux

No special installation steps are required, just download and extract the archive.

macOS

Download the dmg file and drag Protector4J to Applications, the actual contents of this tool are in Protector4J.app/Contents/protector4j-mac

Use GUI Tool to Encrypt the SpringBoot Applications

Go to the folder of Protector4J then execute p4j-ui[.exe] , you will see the interface below

For macOS, please just double click the Protector4J.app

Login

If you have got the license, please click the login button on the top-right corner and input your account information. Although you can still try this tool free without the license.

Choose app type

Click the “Spring Boot Application” button on the app type page.

Choose jar/war files to encrypt

Choose the Spring Boot Jar File to protect, only one file can be selected here.

Options

Just encrypt jar files

If this option is selected, only the encrypted jar files will be generated and the Java runtime will not be deployed, this option is usually used in combination with key seed for updating existing applications

Create executable file

Create the executable file to launch the application here.

Hide Console

This option is only valid for windows, applicable to gui applications

JVM Options

Set the arguments to be passed to the JVM here, such as -Xmx and -Xms, separated by spaces or newlines

Output

Java Version

Select the target Java version, support Java 8, Java 11 and Java 17

Create new folder

Selected by default, the task will create a folder like p4j- in the output folder, the final output result is in this folder

Include JavaFX

Check this option, if this is a JavaFX Application

SWT Application

Check this option if this is a SWT gui application

KeySeed

Every encryption task will request a random key from the server by default, so the jar files generated in different encryption tasks can’t be used together. However, the same key seed will generate the same key, this option can used in combination with “Only Encrypt Jar Files” to update existing applications. And This option is only valid for Licensed user.

Encryption process

It will take some time to finish the encryption process. After it is done, you can check the result in the output folder.

Run the encrypted app

Just run the executable file or the script created in the encryption task

Notice

If the application is for macOS or Linux and is generated under Windows,
please execute add-executable-permission.sh first to give the program executable permission.

Modify the JVM Options

If you need to modify the jvm options, edit the exe-name.json, there is an array called JArgs, you can edit and add the JVM options here.

1
2
3
4
"JArgs"          : [
"-DParam1=value1",
"-DParam2=value2"
]

Use CLI Tool to Encrypt Spring Boot Application

The configuration of task file

It needs to specify a task file as an argument to the command-line tool.

Find spring-boot-task.yml in task-templates folder, copy and modify a new one.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# Available values: 8,11,17
javaVersion: 8

# The jar file of spring boot application
springBootJarFile: ''
# Only encrypt the jar files, do not deploy the runtime
# This option is used while upgrading an existing application
onlyEncryptJarFiles: false

## [ Executable file information ]
# The executable file name
exeFileName: ''
# Hide command line window, only valid for Windows
hideConsole: false
# The splash image
splash: ''
# JVM Options
jvmOptions: []

## [ Output Options ]
# The output folder
outputFolder: ''
# Create a new and unique folder for the application, the folder name is like p4j-<taskId>
createNewFolder: true
# Whether this is a JavaFX application
includeJavaFX: false
# Whether this a swt gui application
swtApplication: false
# Fixed key seed, only avaiable for licensed user
# Jars encrypted in different tasks can be used together with same key seed
keySeed: ''
# The target platforms, keep it empty for current plaform,
# available values: [win, linux, mac]
platforms: []

Execute the encryption process

Go to the folder of Protector4J and execute the command below to run the encryption task

On Linux or macOS

For macOS users, you can find the cli tool in Protector4J.app/Contents/protector4j-mac

1
./p4j -t spring-boot -f path-of-task-file

On Windows

1
p4j -t spring-boot -f path-of-task-file

-t task type

-f task file

You can execute p4j --help to see the detail arguments.

Run with account information

1
./p4j -t spring-boot -f path-of-task-file -u email -p password

Check the result

After the encryption task, please go to the output folder to check the result.

Run the encrypted app

Just run the executable file created in the encryption task

Notice

If the application is for macOS or Linux and is generated under Windows,
please execute add-executable-permission.sh first to give the program executable permission.

Modify the JVM Options

If you need to modify the jvm options, edit the exe-name.json, there is an array called JArgs, you can edit and add the JVM options here.

1
2
3
4
"JArgs"          : [
"-DParam1=value1",
"-DParam2=value2"
]