I clearly remember Railo offering not only Railo archive (.ra) files, but also a secured (encrypted) version, which had the extension .ras instead of .ra.
This was for when you didn’t want recipients/users of an archive to be able to just pull it into any ZIP program and look at the contents easily. For example, code you were selling and didn’t want reverse-engineered, other sorts of sensitive code, or similar situations where you wanted people to be able to use the code in the archive (via a mapping), but you didn’t want them to be able to (easily) see or read it.
I find no equivalent in Lucee. The admin lets you make Lucee archive (.lar) files, but there’s no apparent secure option (which would be a .lars file extension, I assume).
I’d really love to have this functionality. It’s a big step down from Railo which had it, and it’s very useful!
Am I missing something? Does Lucee have this capability and it’s just not mentioned in the admin (or anywhere on the web that I could find), or something?
I did find a commercial product that is apparently distributed as a .ras file and the instructions say to assign it to a mapping in Lucee (yes, Lucee not Railo), so can Lucee still use “legacy” Railo .ras files? If so, how can I make a new .ras file for Lucee to use? Please don’t tell me I have to use an old Railo version to make one, that’d be silly!
Also, in Railo and in Lucee (if it does support it), what’s the mechanism of securing the file? Does it use ZIP encryption (which if I remember right is weak), or some other, better method? Is a password needed when creating the secure archive file? How does it work behind the scenes?
Can anyone give me answers? Thanks guys! Here’s my stack info:
OS: Linux (5.4.59) 64bit
Java Version: 11.0.11 (AdoptOpenJDK) 64bit
Tomcat Version: Apache Tomcat/9.0.11
Lucee Version: 22.214.171.124