Java Update Available

TIP: NetScaler 10.5 uses HTML5 instead or JRE for most configuration features! Hooraaayyy! – link

On January 14 Oracle released Java Runtime Environment (JRE) 7 update 51. Just like previous updates the raised the security level which could potentially break existing applications. We saw the same when they released 7u45, back then I found a more constructive (but complex) solution to solve a problem where the GUI hanged at “Downloading Applet..

Citrix updated their NetScaler software to meet the requirements of Oracle on December 3rd (download, release notes) – I hope that back then you reverted to a more secure JRE. Unfortunately JRE 7u51 gave me again problems, this time the Java Applet could not be loaded.

Cannot load Applet

In the Java Console the following error is shown:

network: Connecting https://s-nsint-cl01-nsip:80/ with proxy=DIRECT
network: Connecting https://s-nsint-cl01-nsip/nitro/v1/config/auditnslogpolicy?rawdata=yes&view=detail&pageno=1&pagesize=4500 with cookie "drep=sys0; st_splitter=350px; is_cisco_platform=0; DEFAULT_LAUNCH_SCREEN_PATH="
liveconnect: Security Exception: LiveConnect (JavaScript) blocked due to security settings.

 

Fortunately Oracle did something brilliant (…like we didn’t have this in any browser since 1995…): you can now add sites to an exception site list!  Where the deployment rule set (as explained in my previous article) is intended for system administrators (heck, it’s freaking complex) the exception site list is for end users.

Add an exception

GUI

Adding an exception is as easy as 1-2-3:

  1. Open the Java Control Panel
  2. In tab Security click on Edit Site List
  3. Click on Add and type in the file:// or http(s):// URL

 

Java Control PanelException Site List

Alternatively you can lower the Security Level to Medium but I wouldn’t recommend that!

 

deployment.config

The exception site list is stored in a plaintext file making it easy to distribute to your users, The file is located in %userprofile%\Appdata\LocalLow\Sun\Java\Deployment\security\exception.sites.

https://s-nsint-cl01-nsip
https://s-nsint-cl02-nsip
https://s-nsdmz-cl01-nsip
https://s-nsdmz-cl02-nsip

Each exception is written in the file on a separate line, so a file containing multiple exceptions could contain the following content.

 

 

 

.

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

en_USEnglish