Bill Karwin's answer was the most useful of the answers from the question mentioned in the comments. Assuming that you will go ahead with a "protection" scheme, try to do the bare minimum. Anything else tends to frustrate users immensely and leads to lower repeat business and/or an increased desire to hack around your frustrating system.
From your question, it's tough to tell if each user will install the application. If so, you probably just need to require a license code that they must contact you in some way to get. If it's a client-server thing, then your options are a lot more limited; in fact, I can't think of a single solution I've ever designed in my head or come across in practice that isn't massively frustrating. You could probably do a license code solution here, too, except the license code would somehow carry a payload that indicated the number of users they paid for and then disallow the creation/use of users in excess of that number. At that point, though, you're really walking that frustration line I mentioned.
如果你可以混淆——这就是开始的方法。 但如果你使用控制反转框架(例如spring),这可能会很痛苦。 我听说也可以混淆 spring 上下文,但从未尝试过。 另外(只是猜测)反射、动态代理等可能会带来一些惊喜。 至于许可,我建议使用TrueLicense。 它具有非常灵活的方式来处理各个方面的保护以及开箱即用的免费试用期。 工作得很好并且有很棒的文档。
If you can obfuscate - this is the way to go for a start. But it could be painful if you use inversion of control frameworks (e.g. spring). I heard that it's possible to obfuscate spring context as well, never tried it though. Also (just guessing) there could be some surprises with reflections, dynamic proxies and such. As to the licensing, I can suggest using TrueLicense. It has very flexible means of handling various aspects of protection as well as free trial periods out of the box. Works very well and has great documentation.
Do clients pay for support of this application? If so, there is a chance that support is a bigger pay-off than the licensing of the application itself. If so, you may consider not locking down the application, but rather, choosing to only provide support for authentic copies of the software (unmodified copies proved via checksums and the such). Many businesses licensing this software would be more inclined to avoid any modifications (even though the chance of them wanting to actually do this is probably tiny) in order to not jeopardize their support.
FYI: This is how Oracle tends to operate with their e-Business Suite. You can modify pretty much any component you want. Good luck on getting support, though!
Look at how Atlassian sells their products. I believe this is an approach that works very well, and probably would for you too. Note: There should be added value in subscribing to updates!
发布评论
评论(4)
Bill Karwin 的回答是最有用的评论中提到的问题的答案。 假设您将继续实施“保护”计划,请尽量做到最低限度。 其他任何事情都会极大地让用户感到沮丧,并导致重复业务减少和/或增加破解令人沮丧的系统的愿望。
从你的问题来看,很难判断每个用户是否都会安装该应用程序。 如果是这样,您可能只需要一个许可证代码,他们必须以某种方式与您联系才能获取该许可证代码。 如果它是客户端-服务器的事情,那么你的选择就更加有限; 事实上,我在脑海中设计过的解决方案或在实践中遇到的解决方案都非常令人沮丧。 您也可以在这里做一个许可证代码解决方案,除了许可证代码会以某种方式携带一个有效负载,指示他们付费的用户数量,然后禁止创建/使用超过该数量的用户。 但到那时,你就真的走上了我提到的那条挫败线。
Bill Karwin's answer was the most useful of the answers from the question mentioned in the comments. Assuming that you will go ahead with a "protection" scheme, try to do the bare minimum. Anything else tends to frustrate users immensely and leads to lower repeat business and/or an increased desire to hack around your frustrating system.
From your question, it's tough to tell if each user will install the application. If so, you probably just need to require a license code that they must contact you in some way to get. If it's a client-server thing, then your options are a lot more limited; in fact, I can't think of a single solution I've ever designed in my head or come across in practice that isn't massively frustrating. You could probably do a license code solution here, too, except the license code would somehow carry a payload that indicated the number of users they paid for and then disallow the creation/use of users in excess of that number. At that point, though, you're really walking that frustration line I mentioned.
如果你可以混淆——这就是开始的方法。 但如果你使用控制反转框架(例如spring),这可能会很痛苦。 我听说也可以混淆 spring 上下文,但从未尝试过。 另外(只是猜测)反射、动态代理等可能会带来一些惊喜。 至于许可,我建议使用TrueLicense。 它具有非常灵活的方式来处理各个方面的保护以及开箱即用的免费试用期。 工作得很好并且有很棒的文档。
If you can obfuscate - this is the way to go for a start. But it could be painful if you use inversion of control frameworks (e.g. spring). I heard that it's possible to obfuscate spring context as well, never tried it though. Also (just guessing) there could be some surprises with reflections, dynamic proxies and such. As to the licensing, I can suggest using TrueLicense. It has very flexible means of handling various aspects of protection as well as free trial periods out of the box. Works very well and has great documentation.
客户是否需要为此应用程序的支持付费? 如果是这样,那么支持的回报可能会比应用程序本身的许可更大。 如果是这样,您可以考虑不锁定应用程序,而是选择仅提供对软件正版副本的支持(通过校验和等证明未修改的副本)。 许多获得该软件许可的企业更倾向于避免任何修改(尽管他们实际上想要这样做的机会可能很小),以免危及他们的支持。
仅供参考:这就是 Oracle 倾向于使用其电子商务套件进行操作的方式。 您几乎可以修改任何您想要的组件。 不过,祝你好运,获得支持!
Do clients pay for support of this application? If so, there is a chance that support is a bigger pay-off than the licensing of the application itself. If so, you may consider not locking down the application, but rather, choosing to only provide support for authentic copies of the software (unmodified copies proved via checksums and the such). Many businesses licensing this software would be more inclined to avoid any modifications (even though the chance of them wanting to actually do this is probably tiny) in order to not jeopardize their support.
FYI: This is how Oracle tends to operate with their e-Business Suite. You can modify pretty much any component you want. Good luck on getting support, though!
看看 Atlassian 如何销售他们的产品。 我相信这是一种非常有效的方法,并且可能也适合您。 注意:订阅更新应该有附加值!
Look at how Atlassian sells their products. I believe this is an approach that works very well, and probably would for you too. Note: There should be added value in subscribing to updates!