Protecting containerized applications (e.g. in docker) is similar in many ways to non-containarized applications. The major difference is that, in most cases, there is no reliable way to uniquely identify an instance. And even if it would be possible to identify them, it might not be desirable since oftentimes containers spin up and down very frequently.
More specifically, the challenge from a software licensing perspective is to prevent end users from exceeding the maximum number of concurrent instances.
Solution
The general solution to restrict the number of concurrent users is to use a floating license model (allows to restrict how many instances can run concurrently) and generate a random identifier upon application start (i.e. not relying on any OS information).
If your clients will have an internet connection, your application can call the Cryptolens API directly as described here. In this case, Cryptolens will be responsible for keeping track of all active instances.
If your clients will be offline, they can install a local license server that will keep track of all instances. A tutorial on how it can be setup can be found here.
If you would have any questions or need advice on how to protect containerized applications, please reach out to us at [email protected].
This post is a continuation of Licensing software to customers with thousands of employees (B2B) where we talked about common issues that might arise when licensing software to larger clients. In this post, we will focus on the case when your clients do not have internet access (e.g. hospitals) or where you would like to have more control over who can use your software within the client company.
Use cases
Specifically, we will explore the following cases:
Controlling who can activate: Typically, new devices are activated automatically, until the maximum number of machines is reached. However, you might not want that to happen, especially if you sell to a specific department in the company and don’t want users from other departments to use the software.
Companies with no internet access: When your clients don’t have internet access, the solution is to send them a license file where all devices are already activated. However, this quickly becomes problematic if there are thousands of employees whose device needs to be activated.
Solution
Both of the cases above share a common problem: gathering machine codes from a large number users and then activating them from your end.
Gathering machine codes from all employees
To gather machine codes (aka. hardware ids) from all employees, Customer IT needs to run a special batch script. We have prepare one that can be downloaded here. Typically, your client will use a system similar to Microsoft SCCM, which allows the customer IT to run a script on all computers and collect the result.
Activating multiple devices at once
Once the customer IT has collected all the machines, they can send the file with all the results to you. Our script will compute both the machine code and a device name (to make it easier for customers to differentiate between different activations). The can then be activated on the following page.
It is now possible to integrate your FastSpring store with Cryptolens. This integration allows you to automatically issue licenses to your customers upon a successful payment in your FastSpring store. You can read more on how to get started in the following tutorial.
Since the end of last year, we have made the reseller portal generally available for all users. We would like to thank all our beta customers for their feedback during the development process.
Idea
The goal behind the reseller portal is to allow you to delegate license issuance rights to other users. This can be your resellers/distributors, IT-admins of your customers or your employees. In other words, “reseller” can be any user that should only be able to create specific amount of new licenses based on a pre-defined template.
The reseller portal also introduces new logging capabilities. All events related to new licenses, customers, etc, are stored in the object log. Thanks to this log, you can, for instance, bill your resellers or customers only when they have successfully created a new license.
Getting started
Once you have created a new account, the reseller portal will be available in the top menu. If you are an existing customer, you can enable it on the billing page. As the next step, we recommend to check out the wiki page for more information.
Autodesk® Revit is a powerful building information software, which allows developers to extend its functionality through plug-ins that can be written in either Python or .NET. In order to monetize your plugin, we need to implement a license verification mechanism and a way to accept payments from prospective customers.
License verification
Python plugins
If your plugin is written in Python, you can use the Python2 version of our Python client. A simple license verification can be performed with the code below (your specific parameters can be found here):
from cryptolens_python2 import *
HelperMethods.ironpython2730_legacy = True
pubKey = "<RSAKeyValue><Modulus>sGbvxwdlDbqFXOMlVUnAF5ew0t0WpPW7rFpI5jHQOFkht/326dvh7t74RYeMpjy357NljouhpTLA3a6idnn4j6c3jmPWBkjZndGsPL4Bqm+fwE48nKpGPjkj4q/yzT4tHXBTyvaBjA8bVoCTnu+LiC4XEaLZRThGzIn5KQXKCigg6tQRy0GXE13XYFVz/x1mjFbT9/7dS8p85n8BuwlY5JvuBIQkKhuCNFfrUxBWyu87CFnXWjIupCD2VO/GbxaCvzrRjLZjAngLCMtZbYBALksqGPgTUN7ZM24XbPWyLtKPaXF2i4XRR9u6eTj5BfnLbKAU5PIVfjIS+vNYYogteQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>"
res = Key.activate(token="WyIyNTU1IiwiRjdZZTB4RmtuTVcrQlNqcSszbmFMMHB3aWFJTlBsWW1Mbm9raVFyRyJd",\
rsa_pub_key=pubKey,\
product_id=3349, key="ICVLD-VVSZR-ZTICT-YKGXL", \
machine_code=Helpers.GetMachineCode())
if res[0] == None or not Helpers.IsOnRightMachine(res[0]):
print("An error occurred: {0}".format(res[1]))
else:
print("Success")
license_key = res[0]
print("Feature 1: " + str(license_key.f1))
print("License expires: " + str(license_key.expires))
C# or VB.NET
If your plugin is either written in C# or VB.NET, you can use our .NET library instead. To add it to your project in Visual Studio:
Right click on your project in the Solution Explorer and click on Manage NuGet Packages.
Add the code-snippet form this page in the code where the plugin loads for the first time.
Accepting payments
One way to sell an Autodesk Revit plug-ins is by publishing them in the Autodesk App Store, where a basic licensing mechanism is already provided. The problem with this approach is that the licensing models available are quite limited (eg. you can only charge your customers once for the plug-in and they will be able to use it in perpetuity). For instance, selling your plug-in as a service (subscription model) is not supported.
A better approach is to still publish your plug-in in the Autodesk App Store and set it to be a free app. You can then ask your customers to get a separate license key to be able to unlock all features.
You can read more about various ways of selling your software in our help pages. I would also recommend to check out the available licensing models.
If you have any questions, please feel free to reach out!
Python can be used to develop a variety of applications, either as plugins (eg. for Discord, AutoCAD, Autodesk Maya, etc) or standalone applications. In this post we will focus on how to monetize a standalone Python application.
Let’s say you have developed a Python application that classifies images (eg. using tensorflow or pytorch). To start selling it, there are just three things we need in place:
Code obfuscation – to ensure that no one can reverse engineer the application.
License verification – to ensure that customers need a license key before they can use the application (eg. so that you can restrict which features they can use and how long the license is valid).
Webshop – so that customers can obtain a license key to unlock functionality.
Code obfuscation
To obfuscate your application, multiple tools can be used. You can either use packages such as pyarmor that are made to obfuscate Python code or open source tools such as pyinstaller in combination with cpython (for most sensitive code).
License verification
A license key can be easily verified using the code below. You can find more information about the parameters here.
from licensing.helpers import Helpers
from licensing.models import Response, RSAPublicKey
from licensing.methods import Key
pubKey = "<RSAKeyValue><Modulus>sGbvxwdlDbqFXOMlVUnAF5ew0t0WpPW7rFpI5jHQOFkht/326dvh7t74RYeMpjy357NljouhpTLA3a6idnn4j6c3jmPWBkjZndGsPL4Bqm+fwE48nKpGPjkj4q/yzT4tHXBTyvaBjA8bVoCTnu+LiC4XEaLZRThGzIn5KQXKCigg6tQRy0GXE13XYFVz/x1mjFbT9/7dS8p85n8BuwlY5JvuBIQkKhuCNFfrUxBWyu87CFnXWjIupCD2VO/GbxaCvzrRjLZjAngLCMtZbYBALksqGPgTUN7ZM24XbPWyLtKPaXF2i4XRR9u6eTj5BfnLbKAU5PIVfjIS+vNYYogteQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>"
res = Key.activate(token="WyIyNTU1IiwiRjdZZTB4RmtuTVcrQlNqcSszbmFMMHB3aWFJTlBsWW1Mbm9raVFyRyJd",\
rsa_pub_key=pubKey,\
product_id=3349, key="ICVLD-VVSZR-ZTICT-YKGXL", machine_code="test")
if res[0] == None:
print("An error occured: {0}".format(res[1]))
else:
print("Success")
Webshop
When you have obfuscation and license verification in place, we need a way for customers to be able to order a license key. If you already have Stripe, you can use the recurring billing module, which acts like an interface for plans defined in your Stripe account. In other cases, you can either use payment forms or a different platform (please read more here).
A recent addition to the platform is the ability to sign up customers automatically to the customer portal. Instead of creating a customer manually or through the API, you can publish a generic link that will automatically register a customer with your account. This link can be found on the customer page.
In addition to allowing your customers to see their current licenses, the customer portal gives them the option to order new licenses as well as use their login credentials instead of the license key when unlocking your software. We will cover each case below.
Why customer portal?
Listing licenses
When you assign licenses to a customer account, your customers will be able to see all their licenses and their properties, such as the set of features they are entitled to and when they expire.
Recurring payments
If you have set up Stripe with your account, you can allow your customers to sign up for a plan in the customer portal and get instant access to a valid license key. They can also easily manage their subscriptions. You can read more about how you can get started here.
User account authentication
Instead of using a license key, you can allow your customers to authenticate using their login credentials. Cryptolens has developed a state-of-the-art protocol that preserves the privacy of your customers (more information about the protocol can be found here). You can read more on how to get started here.
When developing apps, you will likely need to store some metadata. This can either be specific to a certain user or be shared among all users.
Data objects offer an easy way of managing metadata either on the product, license key or machine code level. They are quite useful since it’s easy to change them as your application evolves and user-specific data will stay the same across all devices.
In this article, we will cover data objects associated with a product.
Editing metadata
To add or edit data objects on the product level, you can click on the Data Objects link as shown below:
On the next page, you can either add or edit existing data objects. The names are case-sensitive and duplicates are not allowed.
Retrieving metadata on app start
Let’s assume our application needs to obtain the currently supported DOTNET_RUNTIME (which we defined in the previous step). This can be accomplished with the code below (the project files are available here).
To get it up and running, we need to specify an access token and modify the ReferencerId. The access token needs to have the “ListDataObjects” permission checked and we also strongly recommend to specify the product it should work with. The ReferencerId should be the Id of the product.
var systemSettings = Data.ListDataObjects("access token", new ListDataObjectsModel
{
ReferencerType = DataObjectType.Product,
ReferencerId = 3349, // <- the product id
});
if(!Helpers.IsSuccessful(systemSettings) || systemSettings.DataObjects == null)
{
Console.WriteLine("Could not retrieve the settings.");
}
var settings = systemSettings.DataObjects.ToDictionary(x=> x.Name, x => x);
if(settings.ContainsKey("DOTNET_RUNTIME"))
Console.WriteLine(settings["DOTNET_RUNTIME"].StringValue);
What’s next?
In the future tutorials we will describe how you can store user specific information. In meantime, let us know if you have any questions 👍
In the beginning of the year, we looked at licensing for Autodesk AutoCAD. Today, we are announcing support for another Autodesk product, Maya. Similar to AutoCAD, Maya allows you to develop plug-ins, and in this post we are going to cover how licensing works if you plan to sell them.
Adding software licensing library
Maya supports Python 2 for plugin development. To add license verification, only two things are necessary:
To make it easier to create licenses of a common type, we have introduced a new feature called license template. In short, it’s a way to save license configurations (eg. features, set time, maximum number of machines) so that they can be re-used later.
It’s quite easy to get started. To save a license configuration, you can click on Save as Template button on the key creation page. This will re-direct you to a new page where you can provide a name for that configuration. Next time you want to generate a license from this configuration you can select it in the drop down list and click on Create button next to it.
We are always happy to hear your feedback or help you in case you have any questions 🙂
Loading Comments...
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
