I have JRE 8u211 installed on a Windows 10 box with IE 11. I can see the Java plugin (and plugin 2) are installed and enabled. I have the "Allow active content to run in files on my computer" option checked under Security. But I cannot get a Java applet to load. Every time the page loads, I get the "The page you are viewing uses Java" notification as if the browser thinks I don't have Java installed.
What am I missing?
Figured it out. I'd forgotten that IE traditionally doesn't seem to like x64 Java installs very much. Once I dropped a 32 bit version, everything worked.
In the perfect dream world where all software development makes use of current and best practices, applets might be dead. But in the actual world of legacy support, they are (unfortunately) still alive.
I second the comment by Elliot Fischer... However, there is still quite a lot of Hardware that is still being supported, or even potentially manufactured (sold for sure) that can only function with these Java applets.
I had this problem with my Motorola FX7400. Of course Motorola says it's "Service & Support Discontinuation Date" is 30.8.2019. Of course the latest firmware is from 2015 and doesn't have a hint of any type of certificate or signing of java applets!
For most applets that have not been updated since the very latest Java Security settings were upgraded in around 2013-2015 and which most likely are also only 32-bit and have no signing of any sort on them; Do the following steps. Of course, even I CANNOT RECOMMEND THIS METHOD AT ALL FOR APPLICATIONS RUN FROM THE INTERNET Also, you should take precautions when trying to use Java like this on Hardware you are not familiar with.
The steps that are required for Windows 7, 8.1 & 10 with Internet Explorer 11 are as follows:
Download and install latest JRE SE 32bit from here: https://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html (And yes, you need to give out your private data including address and phone number. You also need to pay for a license, if you are not a developer or a private user)
Start Internet Explorer 11 (64 bit seems to work fine)
Ensure ActiveX filtering is disabled Tools -> ActiveX filtering On my install disabling this was only necessary to be able to run the Java test from the "alternate page", which is marked "IE 11 users:": https://www.java.com/en/download/installed.jsp
Check that the Java plugin is enabled Tools -> Manage Add-ons
Check that your security zone has Scripting of Java applets enabled. On my IE11 it was enabled by default even for the Internet-zone set to Medium-High with protected mode on Tools -> Internet Options -> Security -> (select your appropriate zone) -> Custom level -> Scripting of Java applets
If the applet that needs to run is not properly signed (very likely...), it is required to set every single URL where an applet is run in to the exceptions. (As of writing this answer, at least wildcars for paths are working.)
When running the applet, accept the security exception prompts that Java prompts for.
And finally! For some reason there will at some point when loading an applet that previously loaded fine be a prompt about not being able to run the applet, because only applications that meet the very high security settings (signed applets) can be run. To get back to running again, Java's temporary files need to be removed. Restoring security prompts has no effect. Start Menu -> Configure Java -> General tab -> Temporary Internet Files -> Settings... -> Delete Files -> OK C:\Users\%username%\AppData\LocalLow\Sun\Java\Deployment\Cache -directory probably also works.
Security and prompts really have come far in the past 10 years, haven't they?
I jumped here searching for an answer that I found elsewhere and I would like to share.
According to my experience the problems of IEx64 with jre x64 are due to the fact that internet explorer tabs are 32 bit processes, so they work only if they find a 32 bit jre. There is a registry key to force IEx64 to open x64 tabs:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Dword TabProcGrowth set to 0
I heard it is considered a security flaw, but it can be accepted if IE is used only with well known legacy web applications.
About IEx64
In the folder
\Program Files (x86)\Internet Explorer
there is the 32 bit version and when you open a page in IEx64 it is actually displayed by an new instance of IEx86. You can check this using task manager, going on detail tab and looking at the application path.
Related
We are trying to download something from GE that uses Java to download when logging into the site. This is a windows 7 Professional PC. I have other computers that are able to do this successfully. Here is my order of operations:
Log into the site and select the file I want to download
Click download
It takes me to the page that says it will start in a few seconds but nothing happens. It is supposed to have a box that asks for Java to run.
I have reinstalled Java fresh and still nothing. Tried with multiple user accounts. Added the site to the list of exceptions in the firewalls and Java configuration. I have tried an earlier version of Java. This happens in Mozilla, Chrome and IE. I have made sure that the Java plugin shows up and is enabled. I just cant think of what I am missing. And since we are a contractor GE is not going to help us. Can anyone here think of anything?
Are you sure you have the Java plugin enabled? e.g. in Firefox, go to Settings, Plugins, and change Java Platform SE8 'Next Generation Java Plugin' to 'always activate'?
This sounds similar to the issues I had with Cisco WebVPN, Java-style. Once you have Java installed correctly and set as a plugin for any of the browsers you would like to use, see below.
Before you even start looking at browsers - if you think it is already set up correctly
Look at your Anti-Virus programs or anything else that could prevent it from working. McAfee Host Intrusion Protection is known to cause many Java programs to fail. Kapersky had issues, a while back, with Java on Windows (Java Applets not loading in Windows 8 ).
You must have a 64-bit browser to use 64-bit Java (also mentioned in the Chrome link below).
See below for any specific things that can be modified in the browser.
Chrome 43 is the more complicated browser to set up. They have a dedicated page with instructions.
How do I use Java with the Google Chrome browser?
Firefox 38 will prompt you.
In Internet Explorer 11, it's under Internet Options->Security. I recommend adding the hostname the applet is on as a Trusted Site (Select Trusted Sites and click the Sites button, then add the first part of the url). Click the Custom level button and make sure that Scripting of Java applets is not disabled.
If you still have problems with the applet:
Verify your Java version will work with the applet you are accessing
Verify the plugin is enabled for the browser through the Java Control Panel, which is available in Windows Control Panel, or on Mac/Linux, execute it from the JDK directory ($JAVA_HOME/ControlPanel ).
I ended up fixing the issue. I had to allow their UK site on the list for Java and enable the SSL 2.0 for HTTP in Java config as well
I use Java applets in my application, today I surprisingly saw the redirect from my page and the next message from java
In details I've read about Chrome dropping 'NPAPI' support
Recently, Google has revised their plans and now state that they plan
to completely remove NPAPI by late 2015. As it is unclear if these
dates will be further extended or not, we strongly recommend Java
users consider alternatives to Chrome as soon as possible. Instead, we
recommend Firefox, Internet Explorer and Safari as longer-term
options. As of April 2015, starting with Chrome Version 42, Google has
added an additional step to configuring NPAPI based plugins like Java
to run — see the section Enabling NPAPI in Chrome Version 42 and later
below.
So will it be handled by Java somehow or it is the death of my applet in the next year ?
As of Chrome Version 42, an additional configuration step is required to continue using NPAPI plugins.
In your URL bar, enter:
chrome://flags/#enable-npapi
Click the Enable link for the Enable NPAPI configuration option.
Click the Relaunch button that now appears at the bottom of the configuration page.
So will it be handled by Java somehow ..
If they found a way, that would be a bug in Chrome (that would quickly be fixed).
..or it is the death of my applet in the next year ?
Yep. Not that they were really that 'healthy' for a long time now.
Java applets are not dead. There are a lot of intranet web applications that use them, for instance, for digital signature with applet-javascript-web page interaction. Other option is migration to Firefox.
I saw a demonstration that A Plugin written in Pepper API (PPAPI) can launch an executable and communicate with it. Oracle says at here " This change does not affect Web Start applications, it only impacts applets." But the problem is that browser downloads jnlp file but doesn't launch it. User has to click that jnlp file (of course .jnlp file association should be OK).
I think Oracle write a plugin to launch Web Start application and communicate with it for sending cookie etc. If It is written Applets can convert to Web Start applications with less effort.
I am trying to run a small applet in my Chrome window, but am getting the error message.
I do see all the replies telling me to change my security to medium, but that option does not exist in version 8. So far several hours of googling and asking help from classmates has brought no progress.
Can anyone suggest something please?
Medium was removed in Java 8u20:
Medium (removed from Java 8 Update 20 and later versions)
Only unsigned applications that request all permissions are blocked. All other applications are allowed to run with security prompts. Selecting the Medium security level is not recommended and will make your computer more vulnerable should you run a malicious application.
Keep in mind, this only applies to unsigned applets that request all permissions.
What to do
To run these applets, you now must add the site to the exception list under the Security tab when you access your Java settings from the Control Panel.
If the applet is not on a website, you must use the applet viewer, which allows you to run applets outside of a browser
Is there a way to point to a specific JRE/JDK location to run a JWS application? I'm looking into specifying the actual location of the JRE, not only it's version via Java SE element of JNLP file. I dont want to access any system JRE, I only want to use whats bundled with my application.
Currently I am trying to bundle 1.6_45 with my app. However I am encountering issues when a user has 1.7_xx JRE installed on their system. It blocks the launch of the webstart application. The jars are self signed and getting them signed by a CA authority is not an option as it is too $$. I changed the j2se version tag in my jnlp to say 1.6* and this allowed it to run with 1.7_xx present. One bug squashed.
Now the issue is that systems are being upgraded to 1.6_71 [private oracle version], that apparently has some 1.7 security fixes backported in it. So now because of the jnlp tag having 1.6*, my app is picking up 1.6_71 and completely hanging. Webstart just opens the java console and hangs. I tried adding -Djnlpx.home to the jnlp java-vm-args, pointing to the bundled jre/bin, but no luck there.
One way I tried [from a post here on SO] is that I created a shortcut to my particular javaws passing the jnlp file location as a parameter. This did not work. It still picked up 1.6_71 and hung.
At this point, if I google anymore, its going to start showing me a captcha...sigh.
Any pointers are greatly appreciated! Thanks!
Is there a way to point to a specific JRE/JDK location to run a JWS application?
Short answer, no. Long answer, nope.
Oracle's latest release of Java 7 Update 51 includes new security changes that will block some applications. This is the new "security baseline" and there is apparently an equivalent code level for 1.6.
One of the configuration options that helps determine what exactly happens is the Security Level, found in the Security tab from (Windows) Control Panel -> Java. If you set the security level at it's lowest (can't remember the name) then you might not get blocked. Security level High will block unsigned and self-signed. Security Level Very High will be even more restrictive, like blocking an expired application - meaning the certificate has expired.
Also, maybe you could try setting the specific level of the JRE you want to run - see the link
http://docs.oracle.com/javase/6/docs/technotes/guides/javaws/developersguide/syntax.html#jnlp
for more info.
I am using the Sentinel EMS from Safenet. The local tomcat6 website uses the java applets for their hardware key management. I installed the latest jre7 u45 from java.com. My problem is the java applets are taking too much time to load in an offline environment (applet shows the progress bar about 8 - 10 minutes). When the machine is connected to internet, the applets will load in less than 1 minute. Is there any setting to change the behaviour of java or is it a problem of tomcat?
Note:The safenet people replied it is the problem of jre installation and I need to re-install. I did re install 2-3 times, but no chance to rectify the problem.
I think there is some gap in communication . I am trying to answer your question below, hope this helps
Certificate verification is recommended by JAVA since JRE 7 update 25 for security reasons, you can visit http://www.java.com/en/download/help/revocation_options.xml
There is a Workaround which is not recommended by Java
Open Control Panel
Open Java
Goto Advance Settings
Find "Perform certificate revocation checks on"
Select "Do not check (Not Recommended)"
Click Ok
After this restart all Browser instances
Note :- For Intranet or Localhost you can use this workaround as you know that certificates are valid, but for internet please revert back to default settings
I am from Safenet QA