Having difficulties dealing proguard with spring

2019-04-01 15:07发布

站内问答 / Java
1338 2 6

I have a web application using spring annotations extensivley and I have my proguard configuration like the following:

-printmapping out.map

-dontoptimize

-keepdirectories

-renamesourcefileattribute SourceFile

-keepattributes Exceptions,SourceFile,LineNumberTable,*Annotation*

-adaptresourcefilenames    **.xsd,**.wsdl,**.xml,**.properties,**.gif,**.jpg,**.png
-adaptresourcefilecontents **.xsd,**.wsdl,**.xml,**.properties,META-INF/MANIFEST.MF 

-dontshrink

-keepclassmembernames class * {
    java.lang.Class class$(java.lang.String); 
    java.lang.Class class$(java.lang.String, boolean);
}

-keepclassmembers enum * {
    public static **[] values(); 
    public static ** valueOf(java.lang.String);
}

-keepclassmembers class * implements java.io.Serializable { 
    static final long serialVersionUID; 
    private static final java.io.ObjectStreamField[] serialPersistentFields; 
    private void writeObject(java.io.ObjectOutputStream); 
    private void readObject(java.io.ObjectInputStream); 
    java.lang.Object writeReplace(); 
    java.lang.Object readResolve();
}

-keep @org.springframework.transaction.annotation.Transactional class *

-keep @org.springframework.stereotype.Service class *

-keep @org.springframework.stereotype.Controller class *

-keep @org.springframework.beans.factory.annotation.Autowired class *

-keep @org.springframework.web.bind.annotation.ResponseBody class *

-keep @org.springframework.web.bind.annotation.RequestMapping class *

-keep @org.springframework.stereotype.Repository class *

-keep @javax.annotation.Resource class *

-keep @javax.persistence.Entity class *

-keep @javax.persistence.Table class *

-keep @javax.persistence.Id class *

-keep @javax.persistence.GeneratedValue class *

-keep @javax.persistence.Column class *

-keep @javax.persistence.Transient class *

-keep @org.springframework.ws.server.endpoint.annotation.Endpoint class *

-keep @org.springframework.ws.server.endpoint.annotation.PayloadRoot class *

-keep @org.springframework.ws.server.endpoint.annotation.ResponsePayload class *

It built fine without warnings whatsoever. But after deploying in tomcat, and opening the page in the browser it waits and waits without any result, What could be the problem?

2条回答
我想做一个坏孩纸
2楼-- · 2019-04-01 15:25

I found out the problem:
proguard can't treat the annotated classes, methods, fields specially when they are runtime types. If you run proguard even with -keep option for the annotations, it will still mess up with the configuration files, because it can only replace classes, methods, fields in the resources that have full reference to the package i.e. if and only if the class/field is mentioned in the following way: my.package.level.purpose.MyClass/my.package.level.purpose.MyClass.myField.
And coming back to the annotations, a spring web application is full of annotations, so it will be useless or even not obfuscated at all (maybe only the util classes will be obfuscated).
Conlusion:
There is no use of obfuscating modern spring (3.x.x+) web applications with any obfuscators even the commercial ones, because they all work on the byte-code side of the code and will not treat annotations and mess up with the config files.

查看更多
0人赞 添加讨论(0) 举报
贼婆χ
3楼-- · 2019-04-01 15:45

You need to check the server log files to see what is going on. If there is nothing obviously wrong, changing the logging level to DEBUG will give you lots more information about what Spring is doing.

FWIW, I'd expect a Spring-based application to give you lots of problems if your try to obfuscate it. Spring's DI and annotation processing are likely to be broken by the transformations that a obfuscator performs on the class files. For instance, any place where an annotation refers to the name of another class or method will break if the obfuscator replaces the class / method name.

My advice would be to give up obfuscation as a bad idea.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)