Excelsior JET is a certified Java SE 6 JVM with an Ahead-Of-Time compiler and installation toolkit.
|It enables you to compile Apache Tomcat together with your Web applications into a native code executable and distribute it without the original class/WAR files and without dependency on the JDK.|
Compilation to native code protects your intellectual property and substantially improves the security of your Web applications. It makes IP theft, code tampering, and discovery of security vulnerabilities involve an expensive reverse engineering effort, whereas practically anyone can download and run a free Java decompiler.
“If you do not want others reading, modifying, and recompiling your web application's source code, Excelsior JET is the best tool to use.”
Co-Author of "Tomcat: The Definitive Guide"
read full quote
Jason Brittain, co-author of the best-selling "Tomcat: The Definitive Guide", kindly shared his opinion on and experience with Excelsior JET:
Most Java developers know that Java class files are easily decompiled back into Java source code again. What's more, there are now several software tools that can decompile class files into source code that you can easily modify and recompile. The code for compiled servlet class files, JSPs, and any other included proprietary libraries are also as readable as open source software, once they are decompiled. But, when compiled into native code, none of these class decompilation tools work, and the Java program still runs the same. If you do not want others reading, modifying, and recompiling your web application's source code, Excelsior JET is the best tool to use.
I tried JET 7 with Tomcat 6 and some of my own large and complex web applications, and it worked flawlessly! I was able to natively compile my Tomcat and my webapps into native code that installed and ran just fine. I was pleasantly surprised at how easy it was to compile it all on the first try. Not only did my web applications run flawlessly, they did seem a bit faster than when I run them with the Hotspot JVM. From my tests, JET works great.
"We have been able to successfully protect our intellectual property in our enterprise application iExperiment in a public Amazon Machine Image, allowing groups interested in valuating iExperiment to quickly get up and running with it on Amazon Web Service."
President & CEO
read the case study
News and announcements
New case study: Lock Up Your AMIs
The below Tomcat applications have been compiled to native code using Excelsior JET:
"Clean" Tomcat 7.0.16
(with standard samples)
Pebble 2.6.2 on Tomcat 7
- What are the known limitations?
As of version 7.6, Excelsior JET imposes some limitations on your Web applications functionality:
All Web applications must be deployed into a subdirectory of Tomcat-Dir.
It may be
webapps/or another directory.
- Web applications are compiled together with Tomcat into one executable, so hot re-deployment of a running pre-compiled application is not possible. You would need to stop Tomcat, replace the executable, and start it again.
- All Web applications must be deployed into a subdirectory of Tomcat-Dir. It may be
- How it works?
Simply put, Excelsior JET knows how the Tomcat classloaders work. That knowledge enables ahead-of-time compilation of the deployed Web applications and the Tomcat server itself.
Previously, in the general case Web applications could be only handled via the JIT compiler that comes with the JET Runtime, just like it is done by the standard JRE. Unfortunately, that approach did not provide any security as the application classes had to be distributed in the original bytecode form.
- What are the supported platforms?
Windows and Linux running on x86 (IA-32) or compatible hardware. For more details, refer to System Requirements.
- What are the supported Java (micro)versions?
Excelsior JET 7.6 supports Java SE 6 Update 27 out-of-the-box. More recent Java Updates will be supported through add-ons.
If your application only runs on J2SE 5.0, you may downgrade to Excelsior JET 7.0, which was the last one to support that version of Java.
- What are the supported versions of Apache Tomcat?
Apache Tomcat 5.0.x, 5.5.x, 6.0.x, and 7.0.x.
Versions prior to 5.0 will not be supported.
- Do the compiled Tomcat and Web apps start and work faster?
Possibly yes, though we have not focused on performance yet.
- Can I compile only certain Web applications to native code and leave the rest intact?
Yes, it is possible. For detailes, please refer to the User's Guide, Chapter "Tomcat Web applications", section "Compilation", "Step 3: Settings for Web applications".
- Can I deploy additional applications on the AOT-compiled Tomcat?
Yes, you can do that using the standard Tomcat deployment procedure. Web applications deployed this way will be handled by the JIT compiler that comes with the JET Runtime.
- How does the solution compare to Java obfuscators?
In general, Java obfuscation has quite a few weak points as compared to AOT compilation of Java classes to native code. Specifically for Web applications, the most crucial one is that you may not use name obfuscation because Web containers heavily rely on Java Reflection.