Restricting client JRE

My application is configured to use j2se1.5.0_15 using <j2se version="1.5.0_15" .../> in the JNLP file.
Client machine having two JREs 1.5.0_15 and 1.6.x installed. When client is trying to access my application, the client machine's java web start using the JRE 1.6.x. But I want make sure that the client should use JRE 1.5.0_15 only eventhough the client have multiple JREs installed in his/her machine.
I want to do it programmatically without using Java-plugin to enable/disable JRE manually.
Aresponse is higly appriciate.

AFAIK jnlp gets always downloaded/managed by default JRE, then you get the JRE you specified to run your application.
Are you sure you're running on 1.6, did you print the java version?

Similar Messages

  • Restrict client request to site by IP address. If the request is?

    Hi all,
    I have a requirement like as follows.
    Requirement:
    Restrict client request to site by IP address. If the request is from specific IP address. I mean here standard bloack address (Eg: 127.0.0.1,default subnet mask...)
    I am looking for alread predefined method from java libs....Can please any one help on this issue.
    regards
    prasad.nadendla

    Use a SecurityManager and a .policy file that only grants SocketPermissions for the required hosts.

  • How can I use charsets.jar without installing it in the client JRE?

    Hi! I've an applet that needs to do some CP850. Since many of the clients are from english speaking countries, they do not have the appropriate JAR that supports the CP850 encoding. Now, I have the charsets.jar which has this encoding. If I install it in the client jre/lib/ext folder, my applet works perfectly, but I don't want to do that. Instead, I want the applet to read it from its own jar or, including the charsets.jar in the archive parameter. I have tried both, adding the whole of charsets.jar to my applet jar using jar -xc dependences\charsets.jar, and also, by putting it in the archive parameter of the applet. None of them works, and I don't know why. If someone can tell me why it didn't work, and how can I make it to work, I'll be very thankfull.
    I've been trying also to use a URLClassLoader, but here I got access exceptions:
    URL urlCharsets = new URL("http://url.com/jars/charsets.jar");
    URL[] urls = {urlCharsets };
    URLClassLoader classloader = new URLClassLoader(urls);
                        classloader.loadClass("sun.io.ByteToCharCp850");Security Access exception here... and the charsets.jar that I'm loading IS signed. No idea what to do here.
    Best regards and happy new year!
    Message was edited by:
    obirenokenobi

    Hi,
    Assuming your applet jar and the charset jar are ine the same location on your
    server, I'll suggest to use this:
    <applet code="myapplet/myapplet.class" archive="myapplet.jar,charset.jar" height="400" width="550"></applet>Hope that help,
    Jack

  • Batch upgrading client JRE's over Windows network

    Does anyone know of a tool or method that can be used to force/exert upgrade of windows client JREs on all machines within a domain/network? This prob won't be anything to do with java, and rather it will most likely be a admin tool used to rollout any application over windows networks. Just thought someone might have used it for java.

    You can use the login script, SMS, Zenworks, Footprint, Altiris, Orbiter, AD policies, Managesoft, or any other systems management software. Some of these are better suited for large organizations but others work well within a smaller group. Talk to your systems/network administrator? They can't all be rabid.
    The key is to create a completely silent installation. Here's the install string for jre 1.4.2_01. If you paste this into a command prompt (ensuring that your either use the full path to the exe file, or make that directory active), it will install silently with all defaults. Using one of the tools above, you can update every machine in your organization.
    j2re-1_4_2_01-windows-i586.exe /S /V"/qr /l %LOGDIR%\J2RE-1.4.2_01\JRE142.log REBOOT=SUPPRESS ALLUSERS=1"
    Make sure the %logdir% is created prior to running this string.
    Hope this helps,
    Margaret

  • Jar file for multiple client JRE version

    I have two jar file. Fjtable.jar & fjtable16.jar
    fjtable.jar is for clients those who are using JRE 1.5 & fjtable16.jar is for jre 1.6 version client Users.
    both the jar file i have given in
    In formsweb.cfg :
    Archive = fjtable.jar , fjtable16.jar
    But this give error when accessing forms for those jre1.5 users.
    Exception in thread "AWT-EventQueue-2" java.lang.UnsupportedClassVersionError: Bad version number in .class file
    How do i give a condition in formsweb.cfg, if client java is jre1.5 then use fjtable.jar else use fjtable16.jar.

    It's used in the page that calls the Forms configuration with the correct jars : this should tell you which JRE your client is on and can be adapted for your config:
    <html>
    <body>
    <table width="100%">
    <tr><td>Click on the link below to run your app:
    <script src="http://www.java.com/js/deployJava.js"></script>
    <script>
        var version = '1.6' ;
        if (deployJava.versionCheck(version)) {
          document.write("<a href=\"http://myhost.local/forms/frmservlet?config=app16\">MyApp v1.6</a>");
        } else {
          document.write("<a href=\"http://myhost.local/forms/frmservlet?config=app15\">MyApp v1.5</a>");
    </script>
    </td></tr>
    </table>
    </body>
    </html>PS. Thanks Francois I'm sure this'll come in useful at some point know how to do this :)
    Steve

  • Checking Client JRE version

    This problem is killing me! I need to check what version the
    client's JRE is so that they can download and run my app from my web server. They need JRE 1.4.1, and if they don't have it, I want to redirect (potentially) to a page I will create that will inform them of the requirements. (The client will never have admin rights, so can't install it directly from Sun)
    I've looked at Jsp and applet solutions but can't get anywhere with it. Does anyone have any ideas on getting around the security issues?
    To clarify a bit more, I can have code in the applet to check the
    version on the client (jsps will only check the server version) ---
    String value = System.getProperty("java.specification.version");
    if (value == "1.4.1") {
    continue and go to a http page -- but can't redirect from an applet
    else {
    redirect to an error page or inform the server somehow so I can
    redirect the browser.
    Any way I can redirect a http page somehow from an applet?
    Or set a property in the server which could be read elsewhere...
    elpico

    use Applet.getAppletContext() to get the AppletContext that represents the page currently displayed by the browser.
    then do AppletContext.showDocument(URL�url) to redirect to another page.
    AppletContext currentPage = this.getAppletContext();
    String value = System.getProperty("java.specification.version");
    if (value == "1.4.1")
    //OK -> continue.htm
    currentPage.showDocument(new URL("http://localhost/continue.htm"));
    else {
    //ERROR -> error.htm
    currentPage.showDocument(new URL("http://localhost/error.htm"));
    }thx for the dukes ;),
    elchaschab

  • Restrict client web access by network port?

    I have a set of Mac OS X 10.6.5 client systems that are connected to both ethernet and wireless networks. I need to restrict internet access while the clients are connected to the ethernet connection and allow unrestricted access while on the wireless network.
    I currently ask that the users turn on/off AirPort (highest priority network) to change to the ethernet network, but they obviously forget
    I do not have total control over the networks themselves, but it occurred to me that I may be able to use a local Mac OS X 10.6.5 server as a DNS server that could be used in the ethernet configuration on the client machines; and perhaps THAT could redirect traffic to any other domains to an error page.
    I only want the clients (while connected to the ethernet network) to be able to visit "http://approved-domain.com" or any of the various "http://*.approved-domain.com sub-domains that exist.
    Again, I know it would be easier with control of the network/router itself, but I don't and am hoping for a workable solution without it.
    A whitelist through a DNS server seemed like a good idea. Is it possible? How might I set it up?

    The wired network only really needs to access http://aproved-domain.com and all other types of traffic are fine for the wireless network
    Oh, well that's radically easier - there may be no need to go to huge lengths here, and users can leave both links active if it's setup correctly - the OS will automatically choose the wired link for approved-domain.com and the wireless link for everything else.
    The simplest solution is just DNS - assuming that the approved-domain.com addresses are on the same LAN subnet as the client's ethernet port all you need to do is setup DNS such that it hands out the LAN address of those services and you're done.
    You see, whenever the client tries to access a server it looks at the destination IP address to work out how to get there. The first thing it checks is whether the IP address is on the same subnet as a link on the client itself. if it is, then the connection uses that link. If it isn't then it checks to see if it has a static route for the target IP address, and if that fails it sends it to the default gateway address (that's why it's called the default gateway - all traffic that doesn't have a more direct route will take that path).
    So as long as your DNS server hands out the LAN address for approved-domain.com there shouldn't be anything more you need to do. Do you have any control over the DNS server for your LAN? or can you change your LAN clients to use a different DNS server that you do control? Those will be important elements in using DNS to manage this setup.

  • Restrict clients from a distribution Point

    Is there any way to restrict distribution points to clients from a particular limiting collection or at least change the priority of a distribution point used?

    Our organization has several entities that provide support desktop. Central IT provides core services support such as networking, directory services and email services to the entire organization.  Central IT also provides Desktop support to a large
    portion of our organization.  We offer the entities of our organization that have their own desktop support use of our tools such as SCCM.  It is configured with collection limiting to limit access to each entities OU so that the admins can administer
    the machines in their ou and that's it.  We also allow them to use the content, i.e. Applications, programs, task sequences etc that we (Centeral IT) create.  In some cases the admins distribute our content to their Distribution points.  I am
    noticing that this causes some of our deployments to use their distribution points for content and not ours.  We don't have a very clear cut IP configuration to break out each entities with their own boundary group.  I just want our clients to use
    our distribution points because with they use other distribution points, we are noticing slowness in deployments such as OSD.

  • How to restrict clients download rate

    Hi everbody,
    i was looking for some time but i couln't even found a old threat. maybe somebody can give me a hint. i have a mac with a timecapsule. and another 2 pc's using the internet via airport (timecapsule). now i'd like to restrict the possible download rate for these two pc`s. how do i do it? can anybody help me.
    cheers

    There is no configuration option on the Time Capsule nor any of Apple's base stations to do something like this.

  • Client JRE Requirement for Portal 9.0.2.6

    I would like to know what the minimum Java Runtime Environment requirement on the client machine is for using Oracle 9iAS Portal 9.0.2.6 and 9.0.4 (10g). I have searched on OTN but to no avail. Does Oracle recommend the Microsoft JVM or the Sun JVM (e.g., Java 1.4.1._02)?
    Thanks,
    Kendra

    Here you find certification information on the Oracle Application Server.
    Peter

  • What can i do to restrict client switching between AP's

    Hello Community.
    Problem is in one office if the client is exact in the middle of the two AP's the clients jumps from one AP to another all the time if he moves one step to right or one step to the left. How do i change these ap switching sensing ? The client uses a WLAN phone and during the AP's switch he get a little noise on the phone.
    Thanks for your help and best regards

    The APs are on differenet channels because of DCA, the power level where on Automatic "1" i set the power level in TPC from Automatic to fixed "2".
    The show wlan:
    WLAN Identifier.................................. 1
    Profile Name..................................... internet
    Network Name (SSID).............................. internet
    Status........................................... Enabled
    MAC Filtering.................................... Disabled
    Broadcast SSID................................... Enabled
    AAA Policy Override.............................. Disabled
    Network Admission Control
      Client Profiling Status ....................... Disabled
       DHCP ......................................... Disabled
       HTTP ......................................... Disabled
      Radius-NAC State............................... Disabled
      SNMP-NAC State................................. Disabled
      Quarantine VLAN................................ 0
    Maximum number of Associated Clients............. 0
    Maximum number of Clients per AP Radio........... 200
    Number of Active Clients......................... 17
    Exclusionlist Timeout............................ 60 seconds
    Session Timeout.................................. 64800 seconds
    User Idle Timeout................................ 300 seconds
    --More-- or (q)uit
    User Idle Threshold.............................. 0 Bytes
    NAS-identifier................................... WLC01
    CHD per WLAN..................................... Enabled
    Webauth DHCP exclusion........................... Disabled
    Interface........................................ management
    Multicast Interface.............................. Not Configured
    WLAN IPv4 ACL.................................... unconfigured
    WLAN IPv6 ACL.................................... unconfigured
    mDNS Status...................................... Enabled
    mDNS Profile Name................................ default-mdns-profile
    DHCP Server...................................... Default
    DHCP Address Assignment Required................. Disabled
    Static IP client tunneling....................... Disabled
    Quality of Service............................... Silver
    Per-SSID Rate Limits............................. Upstream      Downstream
    Average Data Rate................................   0             0
    Average Realtime Data Rate.......................   0             0
    Burst Data Rate..................................   0             0
    Burst Realtime Data Rate.........................   0             0
    Per-Client Rate Limits........................... Upstream      Downstream
    Average Data Rate................................   0             0
    Average Realtime Data Rate.......................   0             0
    Burst Data Rate..................................   0             0
    --More-- or (q)uit
    Burst Realtime Data Rate.........................   0             0
    Scan Defer Priority.............................. 4,5,6
    Scan Defer Time.................................. 100 milliseconds
    WMM.............................................. Allowed
    WMM UAPSD Compliant Client Support............... Disabled
    Media Stream Multicast-direct.................... Disabled
    CCX - AironetIe Support.......................... Enabled
    CCX - Gratuitous ProbeResponse (GPR)............. Disabled
    CCX - Diagnostics Channel Capability............. Disabled
    Dot11-Phone Mode (7920).......................... Disabled
    Wired Protocol................................... None
    Passive Client Feature........................... Disabled
    Peer-to-Peer Blocking Action..................... Disabled
    Radio Policy..................................... All
    DTIM period for 802.11a radio.................... 1
    DTIM period for 802.11b radio.................... 1
    Radius Servers
       Authentication................................ Global Servers
       Accounting.................................... Global Servers
          Interim Update............................. Disabled
       Dynamic Interface............................. Disabled
       Dynamic Interface Priority.................... wlan
    Local EAP Authentication......................... Disabled
    --More-- or (q)uit
    Security
       802.11 Authentication:........................ Open System
       FT Support.................................... Disabled
       Static WEP Keys............................... Disabled
       802.1X........................................ Disabled
       Wi-Fi Protected Access (WPA/WPA2)............. Enabled
          WPA (SSN IE)............................... Disabled
          WPA2 (RSN IE).............................. Enabled
             TKIP Cipher............................. Disabled
             AES Cipher.............................. Enabled
                                                                   Auth Key Management
             802.1x.................................. Disabled
             PSK..................................... Enabled
             CCKM.................................... Disabled
             FT-1X(802.11r).......................... Disabled
             FT-PSK(802.11r)......................... Disabled
             PMF-1X(802.11w)......................... Disabled
             PMF-PSK(802.11w)........................ Disabled
          FT Reassociation Timeout................... 20
          FT Over-The-DS mode........................ Enabled
          GTK Randomization.......................... Disabled
          SKC Cache Support.......................... Disabled
    --More-- or (q)uit
          CCKM TSF Tolerance......................... 1000
       WAPI.......................................... Disabled
       Wi-Fi Direct policy configured................ Disabled
       EAP-Passthrough............................... Disabled
       CKIP ......................................... Disabled
       Web Based Authentication...................... Disabled
       Web-Passthrough............................... Disabled
       Conditional Web Redirect...................... Disabled
       Splash-Page Web Redirect...................... Disabled
       Auto Anchor................................... Disabled
       FlexConnect Local Switching................... Disabled
       flexconnect Central Dhcp Flag................. Disabled
       flexconnect nat-pat Flag...................... Disabled
       flexconnect Dns Override Flag................. Disabled
       FlexConnect Vlan based Central Switching ..... Disabled
       FlexConnect Local Authentication.............. Disabled
       FlexConnect Learn IP Address.................. Enabled
       Client MFP.................................... Optional
       PMF........................................... Disabled
       PMF Association Comeback Time................. 1
       PMF SA Query RetryTimeout..................... 200
       Tkip MIC Countermeasure Hold-down Timer....... 60
    AVC Visibilty.................................... Disabled
    --More-- or (q)uit
    AVC Profile Name................................. None
    Flow Monitor Name................................ None
    Call Snooping.................................... Disabled
    Roamed Call Re-Anchor Policy..................... Disabled
    SIP CAC Fail Send-486-Busy Policy................ Enabled
    SIP CAC Fail Send Dis-Association Policy......... Disabled
    KTS based CAC Policy............................. Disabled
    Assisted Roaming Prediction Optimization......... Disabled
    802.11k Neighbor List............................ Disabled
    802.11k Neighbor List Dual Band.................. Disabled
    Band Select...................................... Disabled
    Load Balancing................................... Disabled
    Multicast Buffer................................. Disabled
    Mobility Anchor List
    WLAN ID     IP Address            Status
    802.11u........................................ Disabled
    MSAP Services.................................. Disabled

  • Restrictions on production client

    hi
    i need to restrict client independent on production client. can any one advise me how to do it?urgent please
    thanks

    Hi,
    When you create new client, there you will get option to set security levels.
    Four possible options for this setting are:
    Changes to repository and client?independent customizing allowed. With this option there are no
    restrictions on this client for changes and development.
    ¨
    No changes to client?independent customizing objects. This option allows for development on
    repository objects but not on client?independent customizing.
    ¨
    No changes to repository objects. This option lets users perform client?independent customizing but
    no development or modifications to repository objets.
    ¨
    No changes to repository and client?independent customizing objects. This setting prohibits any
    client?independent modifications and is common on productive systems.
    So select the second or last option according to your business scenario. your problem will be solved.
    Enjoy......

  • Problem launching e-biz forms using Java JRE 1.6.0_07 and JRE 1.6.0_13

    Got a problem launching Forms from e-biz 11.5.10.2 using JRE 1.6.
    Our setup :
    E-biz: 11.5.10.2
    Forms: 6i Patchset 19
    DB: 10.2.0.3
    JRE: 1.6.0_07 (e-biz is config to use this version)
    on windows desktop clients:
    JRE: 1.6.0_13
    As a non-privileged user account on the workstation, users cannot launch the forms using the 1.6.0_13 JRE.
    When a privilieged(Admin) user account logs in, the forms launch fine using 1.6.0_13.
    We understand that IA enforces many policy settings in our environment, but can anyone identify which types of policy settings would break this access?
    Thanks everyone!
    Gabe

    Thanks for the docs! We've reviewed them, and are satisfied that the JRE family of 1.6 is working properly.
    Our issue is that there are some windows security policies/ maybe group policies, that are restricting the launching of the forms using the newer 1.6.0_13 JRE. This is what we are after, and I would like to know if anyone else has faced similar issue.
    Some more clarification:
    if the workstation has the 1.6.0_07 JRE, and a non-privileged account logs in, the forms launch fine.
    Once 1.6.0_13 is pushed (as our NetAdmin is requesting), the non-privileged account cannot launch forms. Instead, they get an active X request to install 1.6.0_07, which they do not have privilege to install.
    Hope this helps.
    Gabe

  • Clients unable to connect and get DHCP - LAP1142N AP and 5508 WLC

    Hi,
    I have 19 locations, each with 1 or more LAP1142N AP's in FlexConnect mode, AP's are primed using CAPWAP to my 5508 WLC at the datacenter. The AP's join the WLC without issue every time. I have two WLAN's, one guest and one staff, the guest network is open and obtains DHCP from a WatchGuard XTM33 firewall at each of the remote locations. The staff side is WPA2/RADIUS and DHCP is assigned from the WLC. Each AP is assigned a static IP that is not in the DHCP scope. For example: DHCP scope on the branch firewall is 192.168.1.10-250 the AP will be assigned static IP of 192.168.1.1.. The AP's are connected to a HP procurve switch that has a untagged VLAN, the firewall is using the native vlan 1 and so is the AP.
    I have been running this network for over a year and it has not had a single issue until the last two weeks. Nothing on the network has changed or has been upgraded.
    Now for the issue: The issue I am seeing is that clients are no longer able to connect to the AP and do not get DHCP assigned to them. I am able to get it working, if I remove the static IP from the AP, the AP will reboot, join the controller, then begin working, users can connect and DHCP is assigned from the firewall as it should. However, If the AP then reboots, the AP will join back to the controller but no clients can connect nor do they get a DHCP address. So, I then reassign a static IP to the AP again and it reboots, connects to the controller and clients then can connect and get DHCP.
    Attached is a running config from one of the APs
    I've found several posts on this topic, in fact the patch of unassigning or reassigning static IP is one that I found. However, I wanted to post this to see if there is any further assistance I can get on this. I am also waiting on my SmartNet to start up and will be contacting Cisco support as well.
    Thanks for any help.

    Alright, so I finally figured out the issue with this. I had a Mobility Anchor set on the guest WLAN and once I removed that all started working again.
    What is Mobility Anchor?
    A. Mobility Anchor, also referred to as Guest tunneling or Auto Anchor Mobility, is a feature where all the client traffic that belongs to a WLAN (Specially Guest WLAN) is tunneled to a predefined WLC or set of controllers that are configured as Anchor for that specific WLAN. This feature helps to restrict clients to a specific subnet and have more control over the user traffic. Refer to the Configuring Auto-Anchor Mobility section of Cisco Wireless LAN Controller Configuration Guide, Release 7.0 for more information on this feature.

  • Applet won't get client certificate from browser

    Hi,
    We have an applet that runs fine as long as we don't have the web server require a client certificate. This applet runs inside a protected Intranet with a standard client JRE version 1.4.2 The rules of the intranet state that client certificates are required. So we registered our certificates with the JRE plug in in the browser and NaDa...
    I have read all sorts of things out there on the web that says the end user must register a personal Keystore and then we must code the applet to look into the end user's keystore for the certificate and the user must type in their personal password for the keystore into some sort of a form for the applet to read the keystore certificate.
    This sounds illogical and I strongly suspect that I am mis-interpreting what is being said...
    Can anyone help me understand what I am missing? (or perhaps point to a tutorial that has some better info in it...) I have looked at the Sun Java tutorial for applets didn't see any specific info regarding this type of problem- solution.
    Thanks for any pointers or suggestions you might have.
    JpGuy

    Hi,
    We have an applet that runs fine as long as we don't have the web server require a client certificate. This applet runs inside a protected Intranet with a standard client JRE version 1.4.2 The rules of the intranet state that client certificates are required. So we registered our certificates with the JRE plug in in the browser and NaDa...
    I have read all sorts of things out there on the web that says the end user must register a personal Keystore and then we must code the applet to look into the end user's keystore for the certificate and the user must type in their personal password for the keystore into some sort of a form for the applet to read the keystore certificate.
    This sounds illogical and I strongly suspect that I am mis-interpreting what is being said...
    Can anyone help me understand what I am missing? (or perhaps point to a tutorial that has some better info in it...) I have looked at the Sun Java tutorial for applets didn't see any specific info regarding this type of problem- solution.
    Thanks for any pointers or suggestions you might have.
    JpGuy

Maybe you are looking for