I remember, a couple of years back we were working on a project where we needed to ftp into the clients machine, change a property file, and rebuild a jar file to be deployed on their staging server. As if it was not enough that we had to use vim to fix the property file, we also had to rebuild the jar file on the command line. An exercise that would have probably taken a couple of minutes on our local desktop with Eclipse, ended up taking 30 minutes on the remote machine's command prompt.
This episode reminds me of a time when I had forgotten my own cell phone number. For the next few days I harangued anyone patient enough to hear me out about how I could remember all my friend's phone numbers till I started using a cell phone. And now there were times when I couldn't even remember my own phone number. I think Eclipse has had a similar effect on developers. There was a time when I could remember all the Java compiler switches, jar file options and stuff like that. Now I find myself running to the docs for the smallest of tasks.
I am sure there are people who believe that the Internet serves as an extended memory for us and it's pointless trying to remember things that can be searched online. Maybe they are right, but I still think there is value in having some of these things in our mental horizon.
This blog post is a reminder of three things every Java developer should know about jar files.
How to make a jar file on the command prompt
Go to the parent directory of the directory which contains all the files and subdirectories that need to go in the jar file and fire the following command:
jar cvf fbupdate.jar ./bin
Where bin is the directory containing everything to be build and fbupdate.jar is the name of the jar file.
One the jar file has been created, we can list it's contents by executing:
jar tf fbupdate.jar
page for more details on the jar command.
How to make a jar file executable
Since most software we deal with nowadays is meant to run either on the server or in mobile apps, we rarely come across the need to execute jar files. I suspect younger developers may not even know that jar files can be executed. But they can; executable jar files are used in desktop applications, so you can start it by double clicking its jar file.
Before executable jar files we would run a desktop application or tool by manually running it's main class like this:
java -cp fbupdate.jar com.programmr.fb.Updater
Here Updater.class is the main bootstrap class with the main method. However, we don't really need to execute such a complex command. Java gives us a way to specify the main bootstrap class in the jar files manifest. All we have to do is add the following line to the MANIFEST.MF file which is bundled with the jar to make is executable.
Main-Class: fbupdate.jar com.programmr.fb.Updater
With this little addition to the manifest, we can run the application either by double clicking on it, or by executing this simple command:
java -jar fbupdate.jar
You can get more information about how to make a jar file executable here
How to sign a jar file
Jar files bundled with libraries or applets often need to be signed for security reasons. I'll explain below the steps involved in signing a jar file. You will need an unsigned jar file to start with - if you don't already have one, you can create it by following steps in the first section of this post.
Get the keys:
Since signing is always done with keys, the first thing you need to sign a jar file are a pair of public and private keys. You will need to generate a key pair if you don't already have one. The JDK comes bundled with a keytool which can be used to generate key pairs.
If you run the following command, it will generate a keystore called 'mykeystore', within which it will generate keys, which can be referred using the alias 'signFiles'.
keytool -genkey -alias myKeys -keystore mykeystore
Sign the file:
You will need an unsigned jar file for signing. You can either use the one created above or another jar file if you prefer. Issuing the following command will sign the jar file:
jarsigner -keystore mykeystore -signedjar fbupdatesigned.jar fbupdate.jar myKeys
As you might already have guessed, mykeystore
is the name of the keystore which contains your keys, myKeys
is the key alias, fbupdate.jar
the jar file to sign, and fbupdatesigned
the corresponding signed jar file.
Export the public key certificate:
The signed jar file when distributed to clients, needs to be accompanied with your public key. Issue the following command to export the public key:
keytool -export -keystore mykeystore -alias myKeys -file Programmr_Corp_pub.cer
The public key is exported to the file Programmr_Corp_pub.cer
which an be distributed to clients along with the signed jar file.