In addition to my previous post about deploying the JIS Java client using Java 1.7.0_21 here are more answers to questions we received:
Q: What is the procedure for packaging application specific class files and resources into signed Jar files ?
A: In a nutshell the procedure is as follows:
- Using the Jar utility provided with the Java JDK, package a Jar file of the application classes and resources while maintaining the existing folder structure.
- Create a proper manifest file.
- Using the JarSigner utility provided with the Java JDK and using a digital certificate obtained by your organization, digitally sign the Jar files.
- Update the Archive attribute of the Applet tag of you launcher Html page to load the signed Jar files.
- Update your runtime installation to remove the individual class and resource files already packaged into the Jar files so that they won’t override the resources in the signed Jar files.
Q: How difficult is it to implement this procedure in my application using my existing JIS version ?
A: After trying this procedure in the lab and talking to some of our customers we realized that this is not a simple procedure to implement. Especially to implement it as part of a runtime installation procedure and not as one time effort. Therefore we decided to implement this procedure as part of the new runtime installation procedure we are introducing in the upcoming JIS 9.2.1 release.
Q: When are you planing to release JIS 9.2.1 ?
A: Q1 2014.
Q: What would be required in order to implement the packaging procedure you are planing to introduce in V9.2.1 ?
A: CA approved digital signature certificate and configuring several ini settings. We’ll do the rest for you.
Q: What should I do until JIS 9.2.1 is released ?
A: Train your users to accept the browser warning.
Q: What if my users are locked out of the application when using Java 1.7.0_25 ?
A: There are several reasons for this, we recommend that you open a support ticket if this occurs.
Q: Since upgrading to Java 1.7.0_25 we are getting new warnings in the Java console, why ?
A: The warnings related to the new Codebase and Permissions manifest attributes introduced in Java 1.7.0_25 will be addressed in JIS 9.2.1.
You can read more about it at: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/no_redeploy.html
Q: When starting a new session I’m getting the following message “Your security settings have blocked an application from running with an insecure or expired jre.”, what is the reason for this problem ?
A: When using both 32 and 64 bit Java Runtime on the same machine. The 32 bit version is loaded by the 32 bit IE instance while the 64 bit one by IE 64 bit. If one of these versions is updated to Java 1.7.0_25 and the other is not (usually the 32 bit is updated by the automatic download), you’ll get this message when launching the out of date JRE. Manually update the problematic JRE by downloading the latest version of Java SE from the Oracle web site to solve this problem.