XO Technology Partner Applications Performance Management Browser and Java Support Best Practices

Note: The following content is provided as-is, and results from making these changes may vary depending on operating system version and applied software patches.

Overview:

The portal to the Applications Performance Management (APM) Service is accessed by the end user directly over the internet via HTTPS, using a standard Web browser to reach the APM Service web portal. A minimum screen resolution of 1280x1024 pixels or higher is recommended.

Recommended Browsers:

The following browsers are supported:

- Microsoft IE9, IE10
- FireFox 5+
- Google Chrome

NOTE: Microsoft IE version 8 (IE8) is no longer supported. The recommendation is to upgrade to one of the supported browsers listed above.

The interface web portal uses a combination of HTML, JavaScript, FLoT and Java JRE. With the prior release, Java JRE 1.7 would often produce security-related pop-up messages from your workstation regarding Plug-in vulnerabilities. With the enhanced web portal there is now a signed JAR file that should reduce the number of Java pop-up warnings to a single message when initiating use of the Advanced Analysis Troubleshooting screen.

When the portal used for accessing the APM Service was originally introduced, the version of JRE that was most commonly used was JRE version 1.6. Since then there have been significant security changes to Java with the introduction of JRE 1.7. Regardless of the browser being used, the browser will execute the Java Runtime that is active on the workstation.

Within the APM Service, the screens that invoke Java code execution are found under >>UpTime Select >>Troubleshooting. The charts and graphs are interactive and run Java applets for data coming from the APM hardware probes.

Because most users are updating their Java when prompted by Oracle, multiple versions of Java may be installed on a user's machine. When a user has multiple versions of a Java Runtime Environment
(JRE), the user may be left with multiple installation directories and several entries in the Add/Remove Programs dialog in the Control Panel. This results in an unnecessary proliferation of unused JREs and may cause a message stating that "The Java runtime is not found on this machine", directing the user to install Java 1.6. Best practice is to remove older versions. To uninstall Java, see http://www.java.com/en/download/help/uninstall_java.xml

Beginning with Java 7 Update 11, changes to the Java browser plug-in behavior were introduced that force a security prompt asking for confirmation before allowing Java content to run in the browser. This pop-up warning may present itself each time a user attempts to display graphical charts when using the APM Troubleshooting component of the APM Service.

Java has further enhanced security to make the user's system less vulnerable to external exploits. Starting with Java 7 Update 51, Java does not allow users to run applications that are not signed (unsigned), that are self-signed (not signed by a trusted authority), or that are missing permission attributes.
SOLUTION WORKAROUND

With Java 17 release 60 and above, the Exception Site List option was added. Consult the following page for the latest recommendations: https://www.java.com/en/download/help/java_blocked.xml

The Exception Site List feature was added to the Java Console to run applications blocked by security settings. Adding the URL of the blocked application to the Exception Site List allows it to run with fewer warnings.

Steps to Add URLs to the Exception Site List:

1. Go to the Java Control Panel (on Windows, click Start and then Configure Java).
2. Click on the Security tab.
3. Click on the Edit Site List button.
4. Click Add in the Exception Site List window.
5. Click in the empty field under the Location field to enter the URL.
6. Add the following URLs: http://apps.xo.com and https://apps.xo.com (the URL should include the http:// or https://).
7. Click OK to save the URL that you entered.
8. Click Continue on the Security Warning dialog.

When you restart your browser and go to the APM Troubleshooting tab, you might get a security pop-up in which you can choose the option "Do not show this again for the publisher and location above", which should cut down on getting security prompts each time.
Previous Java Console Workarounds prior to:

As the Oracle Java distributions continue to evolve over time, the general direction has been to increase the levels of security. The interface where these functions are enabled and disabled on an end user's machine is the Java Control Panel. The Java Control Panel can be found listed under the Windows Control Panel, or by typing Java in the Windows Search Programs box.

Lower your Security Level:

For current Windows systems, use the Security tab on your Java Control Panel to reduce the Security level to Medium. This setting should reduce the security prompts to the user to a single warning prompt for that browser session.

We have found the following two steps have also been helpful, depending on the level of Java. For the newer builds, 25 and later:

1. Disable next-generation Plug-In: Uncheck the "Enable the next-generation Java Plug-in (requires browser restart)" option on the Advanced tab of the Java Control Panel. Note that the Oracle Java distribution will likely reset it as enabled again if a new patch version is installed.
2. Disable Verification: Another setting to try that should disable verification and remove the pop-ups is under the Mixed Code stanza of the Advanced tab. In previous versions of Java, Disable was the default setting.

The Advanced tab can appear slightly different depending on the OS. Here are a couple of examples:
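The workarounds above (the Exception Site List, the Medium security level and disabled mixed-code verification) are stored as per-user Java deployment settings, so they can be reviewed after the fact. The following Python sketch is an added example, not part of the original XO document: it audits the text of a deployment.properties file and an exception.sites file (on Windows normally under %USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment) for those weakened settings and for Exception Site List entries that are not HTTPS or not expected. The sample file contents, the severity labels and the EXPECTED_HOSTS allowlist are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample file contents (not taken from a real workstation).
SAMPLE_PROPERTIES = """\
#deployment.properties
deployment.security.level=MEDIUM
deployment.security.mixcode=DISABLE
"""
SAMPLE_EXCEPTION_SITES = """\
http://apps.xo.com
https://apps.xo.com
https://intranet.example.test/app
"""
EXPECTED_HOSTS = {"apps.xo.com"}  # assumption: the only host this guide adds


def parse_properties(text):
    """Parse .properties-style key=value lines, skipping comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def audit(properties_text, sites_text, expected_hosts=EXPECTED_HOSTS):
    """Return (severity, message) findings; severities are this example's own."""
    findings = []
    props = parse_properties(properties_text)
    if props.get("deployment.security.level", "").upper() == "MEDIUM":
        findings.append(("high", "security level lowered to MEDIUM"))
    if props.get("deployment.security.mixcode", "").upper() == "DISABLE":
        findings.append(("high", "mixed code verification disabled"))
    for site in filter(None, map(str.strip, sites_text.splitlines())):
        url = urlsplit(site)
        if url.scheme != "https":
            findings.append(("medium", f"non-HTTPS exception site: {site}"))
        if url.hostname not in expected_hosts:
            findings.append(("medium", f"unexpected exception site: {site}"))
    return findings


if __name__ == "__main__":
    for severity, message in audit(SAMPLE_PROPERTIES, SAMPLE_EXCEPTION_SITES):
        print(f"[{severity}] {message}")
```
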
Browser Mixed Content:

Additionally, you should verify that the browser is set to display mixed content, which simply means that the webpage is able to display content from both secure SSL and regular HTTP server connections. This is normally the default setting but is worth checking. For example, with Windows IE do the following:

1. Open Internet Explorer.
2. Go to Tools -> Internet Options -> Security.
3. Select the Security tab.
4. Click the Custom Level button.
5. In the Miscellaneous section, change Display mixed content to Enable.
6. Click OK.

Firefox:

Firefox does not have a compatibility mode. Firefox works with all web pages that are W3C compliant. When there are display issues with Firefox, some forums recommend clearing the cache and the cookies from sites that cause problems.

To Clear the Cache: Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"

To Remove Cookies from sites causing problems: Tools > Options > Privacy > Cookies: "Show Cookies"

Google Chrome and IE 10:

Users of Google Chrome and IE10 have reported that when they access the APM Service and a security issue is reported by the browser, the browser allows the user to authorize execution once by choosing Always Allow, and the pop-ups from Java do not appear.
Beginning in Google Chrome 42, the default browser settings have disabled NPAPI plugins. These should be re-enabled by going to the following page in your Chrome browser: