c-- styles for logos and headline links do not modify internet, red, or black styles -->

Intranet Journal   Earthweb  
Events Jobs Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts

   Intranet Journal Subjects
Search Earthweb

Privacy Policy



internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

internet commerce
Be a Commerce Partner
















 

[ Home | Discussion Forum | How Do I... | Lotus Notes Intranets | Microsoft SharePoint | Products | Shopping  ]

free news!

Protecting your ASP code

By Paul Smullen

One of the major drawbacks in using Active Server Pages is that the code you create cannot be compiled. Although this is a serious concern for many ASP users, Microsoft have only indicated a minor priority in dealing with the issue.

This is a very serious issue for software developers as there is nothing stopping a client from taking the code you develop for them and giving any future development or maintenance work to a competitor. Companies should consider this issue when signing contracts and ensure that the intellectual rights to the code remains with them after delivery. Even if the company requests the source code, which is often the case, you do not want a disgruntled client's employee taking the code and moving to one of your competitors.

Another issue is unnecessary support. Although in an ideal world the code you provide will reside on a server with restricted access by people who will not tamper or alter it, we do not do business in an ideal world. With any other Windows development environment you simply ship your compiled code and if a problem arises a simple re-installation is all that is needed. With ASP the client may claim that there is bugs in the code caused by poor quality programming when the cause could be an over ambitious employee in the client company.

If you are using ASP for developing an in-house intranet site then this problem does not effect your company too much. It is only relevant if you sell the code you produce to a third party.

I have oulined some options available to you for getting around this issue.

Host the site...
If your company has hosting capabilities then ideally you would host the application yourself. This would prevent your client from even seeing the code and more importantly prevent anyone from stealing or altering it.

Use DLLs to hide your business rules...
Active Server Pages can use any ActiveX DLL created in Visual Basic or C++. One approach is to take critical sections of your code - those that define your business rules and database queries - and place them into objects in an ActiveX DLL. Check back later for an article explaining how to create such a component.

Use AspCodeLock...
There is server component available at http://www.serverobjects.com/products.htm#AspCodeLock
The description from the web site;
"This product will allow you to encrypt ASP script code at development time. AspCodeLock will dynamically decode the script when requested by IIS and execute it under the ASP environment. Your ASP code is processed in memory and is not written unencrypted to disk by AspCodeLock."

I have not personally evaluated this product but it seems it will do what is required in order to hide your source code. When evaluating you should take note of the speed of the application before and after using it

Next: Updating Records to a Database using ADO(ActiveX Data Objects)

Previous: Implementing a Search Engine in ASP

Index: Active Server Pages\IIS

The Author
Paul Smullen worked for 3 years for CBT Systems Ltd. in Dublin, Ireland (http://www.cbtsys.ie) as a Visual Basic programmer. He also carried out some C++ work on the Macintosh platform. This role was concentrated on the development of Multimedia computer based training products for deployment on CD-ROMS. He spent some of this time working in the corporate headquaters in San Francsico. He spent last year working in Sydney, Australia where he got into Active Server Pages and SQL Server. He developed large business to business applications for a world leading Hardware corporation. This application will service the entire Asia Pacific region in 4 languages. Paul is currently working as a contracter in Ireland on projects including Visual Basic/Oracle and ASP/Access & SQL Server.



[print version of this page]

Of Interest
· Post and answer questions with the experts at Intranet Journal's discussion Intranet Discussion Forum, the eXchange.