Extra Java security warnings appear when trying to run the application


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • Mail Express, v3.3 and later
  • EFT v6 - 7.3.3.20 Web Transfer Client (WTC)
  • Secure Ad Hoc Transfer Client (SAT)

NOTE: This article describes a symptom that occurs specifically with Java v7u45 or earlier, due to the situation described in MORE INFORMATION below. Please read the entire article before making any changes to your system to determine whether this applies to you. Regardless, always be sure that you have the current version of Java installed, as they issue security updates quite frequently.

Download the current Java version from: http://www.java.com/en/download/manual.jsp.
SYMPTOM

Extra Java security warnings appear when trying to run the application.

RESOLUTION

  • Contact Support for the updated JAR files. (Installing a new JAR requires clearing the Java cache. Refer to  "How do I clear the Java cache" for details.)
  • Upgrade to the latest versions of our software as they come available.
  • Allow the software to run when presented with the Java security prompt.
For EFT's WTC or SAT:

Do the following depending on whether you have Java 7u45 installed:

  • When Java 7u45 is installed with older versions of our software, you can allow the software to run when presented with the Java security prompts. When you install the updated versions of our software or the updated JAR files, you will no longer receive the extra prompt.
  • If a version of Java earlier than u45 is installed with any versions of our software, you will need to change the security level as shown below or else the WTC and SAT clients will not run at all.

For Java version older than u45:

    1. Click Start > Control Panel > Java. The Java Control Panel appears.
    2. Click the Security tab.
    3. Security tab

    4. Set Security Level slider to Medium, then click OK.

For Mail Express:

If you are using a version of Java prior to 7u45, the Java-enabled uploader in Mail Express portals may present this prompt when you attempt to send an email:

If you can update your Java version:

  • Click Update and you will no longer see the prompt.

If you do not want to update your Java version:

  • Open the Java Control Panel, and on the Advanced tab specify a Mixed code setting:
    • Enable – show warnings if needed—With this option set, there is a prompt that asks the user to either block or unblock the email when you attempt to send an email from the upload portal.
    • Enable – hide warning and run with protections—This option does not alert the user that there is a discrepancy in the Java software.  This second option provides the best user experience.

MORE INFORMATION

As of Java 7u25, the "Permissions" and "Caller-Allowable-Codebase" manifest attributes were added to Java. As of Java 7u45, these attributes are required by the JRE to avoid extra user prompts. These attributes will be added to upcoming versions of our software. Upgrade to the latest versions of our software as they become available.

For more information about the Java update, refer to https://blogs.oracle.com/java-platform-group/entry/updated_security_baseline_7u45_impacts.

"The Java Security Baseline has been increased from 7u25 to 7u45. For versions of Java below 7u45, this means unsigned Java applets or Java applets that depend on Javascript LiveConnect calls will be blocked when using the High Security setting in the Java Control Panel."

Download the current Java version from: http://www.java.com/en/download/manual.jsp.