Skepsis IT Posted April 28, 2015 Posted April 28, 2015 Hi, after hours of coding, you "finish" the project and it is time for sales. Does anyone implement or use a system for licensing and protect unigui apps? If not any suggestion / proposals for that issue? Thanks in advance Quote
wilton_educasoft Posted May 19, 2015 Posted May 19, 2015 the best way and you publish the application on your server, where only you will have access, so you will be able to cancel access to the system at any time. if this is not possible, create a routine to authenticate your application on your server to check the license data. Of course in this situation, your customer will depend on having internet available to do this check if your system is running on a LAN without internet, there is very complicated to have a safe solution. finally, the use of plugs (USB) protection Quote
Skepsis IT Posted May 20, 2015 Author Posted May 20, 2015 Hi,thanks for the answer. Actually I agree with you, but all those that you mentioned are very generic protection/security issues, that more or less anyone of us knows. What I was asking for is for a ready to go solution, not to implement it at my own. There is no time for that Moreover I finally found such a system, at nice price. I have use it at my VCL products already, I believe that it will work ok with unigui projects also. When I try it and I am sure that it works, no problem to share it with you (of course what is the product, not the product itself ). Quote
wilton_educasoft Posted May 20, 2015 Posted May 20, 2015 while running indicate here the solution you used and tell us your opinion Quote
Ron Posted May 24, 2015 Posted May 24, 2015 I also researched this a bit, and came across VCL components that do this, there was one in the JEDI library I think. Anyway, these components often come with lots of complexity, and it easily takes more hours to read and understand all that, than to create a simple solution, I suspected. So I made a simple solution, using an online activation concept, where I just run a simple HTTP GET towards the online DB, using a very small PHP script which checks username and password of the online account. If that exists, and the license is valid, then I store the username both in plain form and in encrypted form in the local DB (this was for desktop app in Lazarus), and always decrypt and check this on app startup. The user DB you already should have, the PHP script is like 20 lines, the client HTTP GET routine is very simple...and the only thing that takes a little time is writing the storing/reading with encrypt/decrypt, using some library, but anyway it boils down to 20 lines of code, and that is it. But you can make it even simpler, since this app runs online. Just do a HTTP GET every time the servermodule loads, and check license data - no need to store anything. if not HTTP-GET(licensedata)=OK then close; I guess the response should not be some static piece of data, as that could be hacked by changing hosts file and thus routing the request to some local fix, but encrypt some time varied data, send it and modify it and get it back and and then decrypt upon receipt - like the current date and time for instance. You can check this onstartup or as often as you like, or on specific routines. All you need is a modified encrypted response to your encrypted request, from your licensing server, and if you already have SSL setup then there is no need for extra encryption even. JUst a simple HTTP GET DB check. This assumes the customer is online constantly. If not, you can require the customer to be online for licensing only. Who would reject that, claiming that they can never be online? Hard to believe - since they probably found you online anway. I dont buy that - everybody can access the net for a little time to activate, unless you are in the middle of %¤&%¤ Amazon Jungle, but then this is such a special customer that he can pay big time and you need no protection, or he is working for secret intelligence and then also there is unlimited money in the black budgets. So I suggest, Keep It Simple, demand online activation, go SSL, do a simple HTTP GET check for license info on startup and thats it. 1 Quote
Skepsis IT Posted May 24, 2015 Author Posted May 24, 2015 I agree with you about the complexity that all those solution offer. The solution that I've selected works something like you described with online checking. Moreover if there is no problem with the forum I can state the name and url of it. Quote
chefdackel Posted May 31, 2015 Posted May 31, 2015 Moreover if there is no problem with the forum I can state the name and url of it. yes, please. Quote
Skepsis IT Posted July 2, 2015 Author Posted July 2, 2015 Well, after I used it with Unigui and working allright, the solution that I've used and recommended is http://www.trackmysoftware.com. I think is at a fair price for what it offers, and with good support. Quote
Abaksoft Posted July 3, 2015 Posted July 3, 2015 Hi, thank you skepsis. If i understand, the protection below requires knowledge customer's computer (serial ID,...) which does not conform to the web concept (universal client end user machine) ! I think a good way is a simple login form. See adragan topic #4 http://forums.unigui.com/index.php?/topic/5326-bad-customer-how-to-kill-his-vps-db-connexion/ Regards. Quote
Skepsis IT Posted July 4, 2015 Author Posted July 4, 2015 Hi,it matters the way that you want to distribute your software. For example if you want to deploy as an exe to a customer's pc that you don't have access then it is ok. But if you distribute software with a pay as you go model then adragan topic is more relative. Regards Quote
hany Posted November 5, 2018 Posted November 5, 2018 you can make small VCL to get pc serial and store it on db or send it to email. and call exe like this http://forums.unigui.com/index.php?/topic/3356-how-to-call-a-executable-file-on-server-side-within-unigui/ Quote
bahry Posted November 6, 2018 Posted November 6, 2018 I use WinLicense since very long time, and it is perfect for all cases exe & dll. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.