Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

时间:2022-05-21 06:57:08

In This Document

This document covers the procedure to upgrade the version of the JRE Native Client being used in Oracle E-Business Suite R12.

The most current version of this document can be obtained in Document 393931.1.

There is a change log at the end of this document.

Latest JRE Production Releases

Note: Upgrading to a 3-digit point release JRE version on your EBS web server requires a new version of the txkSetPlugin.* upgrade script which is available in Patch 21624242. See Step 2. Download and Apply the Interoperability and Prerequisite Patches.

Note: Oracle strongly recommends that Oracle E-Business Suite customers move to the latest and therefore most secure CPU version of the JRE Native Plug-in available for any certified Java family (JRE 6, 7 or 8) as listed below.

JRE 8

Oracle will release a Critical Patch update (CPU) at the same time as the corresponding Bundled Patch Release (BPR) for Java SE 8. It is recommended that Oracle E-Business Suite customers use the CPU release and only upgrade to the BPR release if advised to uptake it to fix a specific bug issue. For further information and bug fix details see Java CPU and PSU Releases Explained
Note: In earlier JRE releases Bundled Patch Releases (BPR) were called Patch Set Updates (PSU).

For information on patch requirements and known issues with JRE 8, check the following links within this document:

JRE 1.8.0_101 (8u101) CPU

The latest standard JRE release is available for download through the Java and Oracle Java SE Downloads public sites. This is also available as a patch from My Oracle Support which is listed in the JRE Parameter Settings table.

Known Issues

If you are using IE, the 3-digit release version will not be recognized when using the standard numeric CLSID in your config file. This causes extra pop-ups when running any Java content. See Known Issue: JRE 1.8.0_101 May Cause Extra Pop-Ups When Using IE for further information. Users affected by this issue are recommended to upgrade to JRE 1.8.0_102 instead where this issue is fixed.

JRE 1.8.0_102 (8u102) BPR

The latest standard JRE BPR release is available as a patch from My Oracle Support which is listed in the JRE Parameter Settings table. It is recommended the BPR release is only used if you have been advised to uptake it to fix a specific bug issue.

EBS Related Bug Fixes

This release fixes the following bug issues. If these fixes are required, upgrade to this release instead of JRE 1.8.0_101:

1. Known Issue: JRE 1.8.0_101 May Cause Extra Pop-Ups When Using IE.
2. Coexistence Known Issue: 3-Digit Point Release Versions Not Recognized by Java 8.

JRE 7

The JRE 7 stream has reached 'End of Life and is no longer available through the public download sites. Oracle E-Business Suite users can continue to run JRE 7 during the extended support period of their EBS release. For further information see Java SE 7 End of Public Updates Notice.

JRE 1.7.0_111 (7u111) CPU

JRE 7 has reached 'End of Life', JRE 1.7.0_85 (7u85) and higher point release versions of JRE 7 are no longer available through the public download sites. Oracle E-Business Suite users can continue to run JRE 7 during the extended support period of their EBS release.The standard build and also a build which now has the 'Java Auto Update Mechanism' removed is also available as a patch from My Oracle Support which are listed in the JRE Parameter Settingstable.

 

JRE 6

JRE 6 has reached 'End of Life', JRE 1.6.0_51 (6u51) and higher are no longer available through the public download sites. Oracle E-Business Suite users can continue to run JRE 6 during the extended support period of their EBS release. For further information see Implications of Java 6 End of Public Updates for EBS Users.

JRE 1.6.0_121 (6u121) CPU

This is available as a patch download from My Oracle Support which is listed in the JRE Parameter Settings table.

Section 1: Overview

The Oracle E-Business Suite R12 has two interfaces: a web-based model for modules like iProcurement and iStore, and an Oracle Forms-based model for our professional services modules like Oracle Financials.

This document will explain the steps needed to upgrade to the latest certified version of JRE Native Client for supporting forms-based modules used with Oracle E-Business Suite R12. It is important that you read and follow this document in its entirety before starting an upgrade or applying any patch.

Unraveling Java Terminology

A wide range of products are available for the Java platform. Many of these product names sound similar, and are sometimes even used interchangeably in Sun's own documentation. For more information on Java terminology please see theUnraveling Java Terminology webpage. JRE 6 family refers to JRE 1.6.x. JRE 7 family refers to JRE 1.7.x.

To access Oracle Forms-based content in the Oracle E-Business Suite, end-users require the "Sun Java2 Standard Edition Java Runtime Engine". In this documentation, this is referred to as "JRE", since it is the runtime component required for end-user desktop clients.

For historical reasons, certain parts of this documentation, particularly the installation scripts, may refer to "J2SE". You should interpret these references to be equivalent to "Sun Java2 Standard Edition Java Runtime Engine" or "JRE".

Client JRE and Server JDK Compatibility

JRE releases 6, 7, and 8 on the client tier are all compatible with any certified JDK 6 or JDK 7 release running on the application tier.

Certification Matrices for JRE Releases

For further information on browsers see Document 389422.1 entitled 'Recommended Browsers for Oracle E-Business Suite Release 12'. Historical information on certified JRE releases with deprecated EBS and browser releases is available throughCertify.

Certification Matrix for JRE (64-bit) Releases

This table outlines the currently certified 64-bit Browser, Windows Desktop Client Operating System and 64-bit JRE family with minimum versions as applicable.
Microsoft Office (64-bit) is certified with Oracle E-Business Suite R12 allowing users to run with a full 64-bit client stack if required.

Browser
Version
Windows 10 
(64-bit)
Windows 8.1 
(64-bit)
Windows 7
(64-bit)
IE 11 (64-bit) 1 JRE 1.8.0_51 (64-bit) and higher
JRE 1.7.0_85 (64-bit) and higher
JRE 1.8.0_25 (64-bit) and higher
JRE 1.7.0_10 (64-bit) and higher
JRE 1.6.0_37 (64-bit) and higher
JRE 1.8.0_25 (64-bit) and higher
JRE 1.7.0_10 (64-bit) and higher
JRE 1.6.0_32 (64-bit) and higher

1 Internet Explorer is only certified running Desktop Mode on Windows 8.1 and Windows 10r. The Metro version does not support Java and is not certified for Oracle E-Business Suite.

Certification Matrix for JRE (32-bit) Releases

This table outlines the currently certified 32-bit Browser, Desktop Client Operating System and 32-bit JRE family with minimum versions as applicable.

The Windows 64-bit desktop client operating systems show the Oracle E-Business Suite certification matrix when running 32-bit Browser and JRE Plug-in client based products.

Browser 
Version
Windows 10 
(32-bit and 64-bit)
Windows 8.1
(32-bit and 64-bit)
Windows 7
(32-bit and 64-bit)
Windows Vista
(32-bit)
IE 11 1 JRE 1.8.0_51 and higher
JRE 1.7.0_85 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_37 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_24 and higher
Not Certified
IE 9 Not Certified Not Certified Not Certified JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_03 and higher
Firefox ESR 45.x JRE 1.8.0_51 and higher
JRE 1.7.0_85 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_37 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_10 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_10 and higher
Firefox ESR 38.x JRE 1.8.0_51 and higher
JRE 1.7.0_85 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_37 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_10 and higher
JRE 1.8.0_25 and higher
JRE 1.7.0_10 and higher
JRE 1.6.0_10 and higher

1 Internet Explorer is only certified running Desktop Mode on Windows 8.1 and Windows 10. The Metro version does not support Java and is not certified for Oracle E-Business Suite.

Oracle E-Business Suite 12.2 Users are certified running JRE 1.7.0_10 and higher or JRE 1.6.0_27 or higher when running a 32-bit browser.

Compatibility with Higher JRE releases

Oracle E-Business Suite end-users may run or upgrade to higher production releases of the JRE Plug-in on any JRE family certified with Oracle E-Business Suite at their discretion.

Oracle will continue to test and certify the Oracle E-Business Suite with future versions of any JRE family certified with Oracle E-Business Suite in advance of their general availability to the public. Any known compatibility issues or workarounds will be updated within this document as required. All current production versions equal to or higher than the minimum versions stated in the 'Certification Matrices' tables above are compatible with Oracle E-Business Suite r12.

3rd Party Software Support Lifecycle

Oracle's certification of the various third party client operating system, service pack levels and browsers aligns with the respective vendor's support life cycle.

Internet Explorer, Windows desktop operating system and service pack requirements are available from Microsoft.

JRE Minimum Patch Requirements

JRE 8 Minimum Patch Requirements

The JRE 8 desktop Plug-in is certified for the following Windows desktop releases:

  • Windows Vista SP2, Windows 7 SP1 (32-bit & 64-bit), Windows 8.1 (32-bit & 64-bit) and Windows 10 (32-bit & 64-bit)

JRE 8 has the following minimum pre-requisite patch requirements in addition to any JRE 7 Minimum Patch Requirements that have not previously been applied.

Oracle E-Business Suite 12.2
  • SSL Users must apply the following patch to allow use of the default TLS 1.1 and TLS 1.2 settings in JRE 8:

Patch 17555224 conflicts with the October 2013 CPU Patch 17337741. To avoid this conflict or to simply apply the latest release that includes this fix, apply Patch 19849290.

For details about Oracle E-Business Suite R12.2 Online Patching, refer to Oracle® E-Business Suite Maintenance Guide, Release 12.2.

Oracle E-Business Suite 12.1
  • SSL Users must apply the following patch to the 10.1.3. ORACLE_HOME to allow use of the default TLS 1.1 and TLS 1.2 settings in JRE 8:
    • Patch 19568561 - Merge request on top of 10.1.0.5.0 for bugs 18128233 19358438 (OHSTLS 1.2 with Client Certificate Authentication)
    • For further information including a temporary workaround for this issue see - javax.net.ssl.SSLException: Received fatal alert: close_notify
    • Linux x86-64 (64-bit) delivers a 32-bit $ORACLE_HOME despite running on a 64-bit platform. When applying this patch to the 10.1.3 ORACLE_HOME on Linux x86-64 (64-bit), use the 32-bit Linux x86 10.1.0.5 patch.

October 2015 CPU Patch Recommendation

While Patch 19568561 fixes the TLS issues for JRE, further fixes are required to run later Firefox and Chrome browser versions. We recommended applying the 10.1.3.5 Oct 2015 CPU patch which will resolve these TLS issues for both JRE and the browsers. The fix in Patch 19568561 is already included in the Oct 2015 CPU patch listed below:

Unix Users: Patch 21845960 
Windows Server Users: Patch 21845962

For further information on the October 2015 CPU patches see Document 2051000.1 titled, 'Oracle E-Business Suite Releases 11i and 12 Critical Patch Update Knowledge Document (October 2015)'.
For further information on browser issues see Document 389422.1 titled, 'Recommended Browsers for Oracle E-Business Suite Release 12'.

Discoverer Users

See Discoverer with JRE 1.8 for further information.

JRE 7 Minimum Patch Requirements

Oracle E-Business Suite 12.2.x

Currently, Oracle E-Business Suite 12.2 users do not require any additional prerequisite patches to run JRE 7.

Oracle E-Business Suite 12.1.x

The JRE 7 Plug-in has the following minimum patch requirements for Oracle E-Business Suite 12.1.x:

Windows Vista SP2, Windows 7 SP1 (32-bit & 64-bit) Windows 8.1 (32-bit & 64-bit) and Windows 10 (32-bit and 84-bit)

  • Oracle forms 10.1.2.3 or higher with Patch 14614795 or later (See Document 437878.1 titled, 'Upgrading OracleAS 10g Forms and Reports in Oracle E-Business Suite Release 12' for the latest available forms patches)
  • SSL Users
    • 10.1.0.5 (32-bit) version of Patch 6370967 - 'TLS 1.0 handshake fails when the client is running on Vista' applied to the AS 10.1.3 Home. (Note: This patch is also required for Windows XP, Windows 7 and Windows 8)
      • Note: This fix is included in the April 2011 AS 10.1.3.5 CPU patch and later.

Section 2: Pre-Upgrade Steps

Step 1. Source the Environment

Source your environment as appropriate to your Oracle E-Business Suite release.

Oracle E-Business Suite 12.2.x Users

As a configuration change, upgrading the JRE Plugin can be done outside a patch cycle against the RUN file system. While you may still run this upgrade process as part of your PATCH cycle we will use the Run file system in the example below.

On the Application tier as the file system owner source your RUN file system.

Oracle E-Business Suite 12.1.x Users

On the Application tier as the file system owner source your APPS env file.

Step 2. Download and Apply the Interoperability and Prerequisite Patches (If Required)

Note: Historically, the JRE upgrade scripts (txkSetPlugin.*) have been designed to work with JRE plugin versions of up to 2 digits e.g. JRE 1.6.0_07 (JRE 6u7), JRE 1.7.0_85 (JRE 7u85) etc. 
Users wanting to install three digit releases on their server e.g. JRE 1.8.0_101 (8u101) etc. must apply the latest JRE upgrade script which is available through Patch 21624242. This will work with all Java releases irrespective of the version number up to 3 digits. Additionally, the new scripts can also be used to automatically configure the Dynamic and Family CLSID values for IE users if required (The CLSID is only used by Internet Explorer). This is an optional parameter and therefore does not alter the standard command format that has been run historically and will continue be run by the majority of users.

Step 2.1. Apply the JRE Interoperability Patch (If Required)

Note: If you want to change the default JRE Plug-in version you are currently using and have previously applied the interop patch to your environment there is no need to apply it again. Skip this step and continue to Section 3: Upgrade and Configuration and run the JRE Upgrade Script.

Oracle E-Business Suite 12.2.x Users

To install up to a 3 digit Java release on your web server (e.g. JRE 1.8.0_101) or simply to uptake the latest upgrade script, apply interoperability Patch 21624242:R12.TXK.C.

If you are not upgrading to a 3-digit release version you may continue to run the original default scripts that come with 12.2.x if required.

Oracle E-Business Suite 12.1.x Users

To install up to a 3 digit Java release on your web server (e.g. 1.8.0_101) or simply to uptake the latest upgrade script, apply the appropriate interoperability patch.

If you are not upgrading to a 3-digit release version you may continue to run the scripts from the old JRE Plug-in interoperability Patch 4377566 if required.

Note: Due to a change in version numbering branch line standards the new txkSetPlugin.sh version for 12.1.3 will not overwrite the old version from the original Patch 4377566. Before applying Patch 21624242:R12.TXK.B, rename your current version to allow the new version to install normally:

$ mv $FND_TOP/bin/txkSetPlugin.sh $FND_TOP/bin/txkSetPlugin-4377566.sh

OracleAS 10g Patches

It is also strongly recommended that the latest OracleAS 10g patches are applied if they have not been applied previously.

Apply the latest 10.1.2.3 Forms Bundle patch then regenerate the jar files through 'adadmin'.

For information on the latest 10g patch requirements please see Document 437878.1 titled, 'Upgrading OracleAS 10g Forms and Reports in Oracle E-Business Suite Release 12'.

Step 2.2. Download the JRE Plugin

JRE uses a 'Non-Static Versioning' model, meaning, for Internet Explorer users, the version installed here denotes the minimum version that will be used to access Oracle E-Business Suite. (Historically when running a 'Static Versioning'model the version installed would denote the specific version that would have to be used to access Oracle E-Business Suite from the desktop client.)

For further information including the behavior when using 'next-generation Java Plug-in technology' (JRE 1.6.0_10 and higher) see, Appendix B: Static vs Non-Static Versioning and Set Up Options

Note: Only one version of the JRE plug-in can be installed for download through Oracle E-Business Suite. This can be either a 32-bit or a 64-bit version as required.

Download the latest "JRE" update (Do not download the "Server JRE" version) from the Java SE Downloads page or as a patch from My Oracle Support as listed in the JRE Parameter Settings table.

  • Click the JRE Download button for the appropriate Java version
  • Click the Accept License Agreement button
  • Download the Windows x86 Offline (32-bit) or Windows x64 (64-bit) version as required

The latest JRE 6 versions are only available through a patch, see Document 1439822.1, titled 'All Java SE Downloads on MOS' for a list of patch numbers.

If an earlier version of the JRE Plug-in is required, it can be downloaded from the Oracle Java Archive site or as a patch from My Oracle Support as listed in the JRE Parameter Settings table.

  • Click on the required Java SE version link e.g. Java SE 7
  • Select the required Java SE Runtime Environment version link e.g. Java SE Runtime Environment 7u45
  • Click the Accept License Agreement button
  • Download the Windows x86 Offline (32-bit) or Windows x64 (64-bit) version as required

Step 2.2.1. Rename the JRE Plugin File

Rename the downloaded JRE Native Plugin file to j2se<jversion>.exe

The jversion parameter is simply the Java family (18, 17 or 16) concatenated with the point release version in a 5 digit format and is listed in the JRE Parameter Settings table.

For example:

jre-8u51-windows-i586.exe or jre-8u51-windows-x64.exe would be renamed j2se18051.exe
jre-7u85-windows-i586.exe or jre-7u85-windows-x64.exe would be renamed j2se17085.exe
jre-6u101-windows-i586.exe or jre-6u101-windows-x64.exe would be renamed j2se16101.exe

Step 2.2.2. Place the Renamed JRE Plugin on the Web Application Tier

Place the renamed JRE Plugin file onto the web application tier in the directory as appropriate to your Oracle E-Business Suite release.

Oracle E-Business Suite 12.2.x Users

Move the j2se<jversion>.exe file to the web application tier and place it in the following directory in the RUN File System:

$[COMMON_TOP]/webapps/oacore/util/javaplugin

[COMMON_TOP] refers to the top level directory where the common utilities are installed. By default, this is the parent directory of $JAVA_TOP.

Oracle E-Business Suite 12.1.x Users

Move the j2se<jversion>.exe file to the web application tier and place it in the following directory:

$[COMMON_TOP]/webapps/oacore/util/jinitiator/

[COMMON_TOP] refers to the top level directory where the common utilities are installed. By default, this is the parent directory of $JAVA_TOP.

Section 3: Upgrade and Configuration

Step 3. Run the JRE Upgrade Script

To upgrade the JRE Plugin run the txkSetPlugin upgrade script following the instructions as applicable to your operating system.

Step 3.1. Run the JRE Upgrade Script (Unix Users Only)

Run the $FND_TOP/bin/txkSetPlugin.sh script against the web node of the application tier.

The txkSetPlugin.sh script updates the JRE version information in your AutoConfig context file and runs AutoConfig to incorporate the new values throughout your application. This script must be run using the following command:

$ txkSetPlugin.sh jversion [clsid_param]

Where:

Parameter Value Parameter Description
jversion The JRE version you wish to install ion a 5 digit format.
This value is listed in the 'jversion Parameter' column in the appendix JRE Parameter Settings.
clsid_param

This is an optional parameter that is only available if you are running the latest txkSetPlugin script available through the JRE Interop Patch 21624242.
Valid values are dyn to specify a Dynamic CLSID or fam to specify a Family CLSID. For further information see Dynamic and Family CLSID.

The standard command using JRE 1.8.0_51 as an example would be:

$ txkSetPlugin.sh 18051

The command to use the Dynamic CLSID with JRE 1.8.0_51 as an example would be:

$ txkSetPlugin.sh 18051 dyn

The script will prompt you for the following values if it does not find them automatically. If this is the case ensure you have correctly sourced your environment and run the script again:

  • Location of APPSORA.env file, if not present in the default location $APPL_TOP
  • Location of the AutoConfig Context File.
  • Password for the APPS user in the database (If the correct value is returned by the script you may press the return key at the prompt).
Note: This does not not by-pass any of the usual in built security standards. Therefore you may still get warnings about out of date Java versions etc. It will also not ignore the presence of a later Java family being installed on the same desktop. In this case if JRE 8 is also installed on the desktop, there will still be a preference to run using that version over the Java 7 version.

Step 3.2. Run the JRE Upgrade Script (Windows Users Only)

Run the %FND_TOP%\bin\txkSetPlugin.cmd script against the web application tier node.

The txkSetPlugin.cmd script updates the JRE version information in your AutoConfig context file and run's AutoConfig to incorporate the new values throughout your application. This script must be run using the following command:

txkSetPlugin.cmd appsora_path apps_pwd jversion [clsid_param]

Where:

Parameter Value Parameter Description
appsora_path Full path to your APPSORA.cmd file (This may be APPSsid_host.cmd)
apps_pwd Password for APPS user in the Database
jversion The JRE version you wish to install, without decimal points or underscores. (e.g. 17079)
This value is listed in the 'jversion Parameter' column of appendix JRE Parameter Settings.
clsid_param

This is an optional parameter that is only available if you are running the latest txkSetPlugin script available through Patch 21624242.
Valid values are dyn to specify a Dynamic CLSID or fam to specify a Family CLSID. For further information see Dynamic and Family CLSID.

The standard command using JRE 1.8.0_51 as an example would be similar to:

txkSetPlugin.cmd C:\oracle\visappl\APPSORA.cmd apps_pwd 18051

The command to use the Dynamic CLSID with JRE 1.8.0_51 as an example would be similar to:

txkSetPlugin.sh C:\oracle\visappl\APPSORA.cmd apps_pwd 18051 dyn

Section 4: Post-installation Steps

Step 4. Verify your upgrade

The following steps verify that you have successfully upgraded JRE.

Step 4.1. Enable the Java Console and Check Version

Enable the Java Console on your desktop client through the 'Java Control Panel' by setting:

'Control Panel' -> 'Java' (icon) -> 'Advanced' -> 'Java Console' -> 'Show Console'.

Step 4.2. Close All Browser Windows

Close all browser windows and wait until their processes have completed.

Step 4.3. Logon to Oracle E-Business Suite

Logon to the Oracle E-Business Suite and choose an Oracle Forms-based (professional user interface) responsibility.

For information on requirements and possible issues when trying to connect to a new or freshly upgraded Oracle E-Business Suite environment, please see Accessing Oracle E-Business Suite from a Desktop Client in the Appendices section.

Step 4.4. Check your Java Plug-in Version

The Java Console should appear and display lines describing the JRE version being used.

Examples:

JRE 6 32-bit Version

Java Plug-in 1.6.0_38
Using JRE version 1.6.0_38-b05 Java HotSpot(TM) Client VM

JRE 7 32-bit Version

Java Plug-in 10.10.2.18
Using JRE version 1.7.0_10-b18 Java HotSpot(TM) Client VM

JRE 8 64-bit Version

Java Plug-in 11.51.2.16
Using JRE version 1.8.0_51-b16 Java HotSpot(TM) Client VM

Note: If a higher version of JRE than the one just installed is shown, it may be because a higher version has previously been installed on the desktop. You can check the versions installed through the 'Java Control Panel':

Control Panel -> Java (icon) -> Java (tab) -> View (button)

Section 5: Known Issues

Depending on which products technologies and products you are using, there may be some limitations to be aware of and/or other steps you need to perform.

Java Plug-in Issues

JRE 1.8.0_101 May Cause Extra Pop-Ups When Using IE

JRE 1.8.0_101 does not recognize the 3-digit point release from the numeric CLSID: CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA and only picks up the 2-digit number. Incorrectly it therefore looks for 1.8.0_01 on the desktop causing the following pop-up as it cannot be found:

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Selecting 'Run with the latest version' will cause forms to launch using JRE 1.8.0_101.

Selecting 'Cancel' will prevent forms from launching.

To avoid this problem, upgrade to JRE 1.8.0_102 where this issue is fixed..

This issue does not affect users running with a Dynamic or Family CLSID where, If JRE 1.8.0_101 is the latest release on the desktop, it will launch seamlessly.

Oracle Security Alert for CVE-2016-0636

For further information see Oracle Security Alert for CVE-2016-0636.

This issue is fixed in the following JRE releases:

JRE 1.8.0_77 (8u77) and higher 
JRE 1.7.0_99 (7u99) and higher

Firefox Crash

Running Java content with Firefox ESR 38.4.0 using JRE 7 or JRE 8 may cause Firefox to crash. For example, this may be seen when closing your Oracle E-Business Suite browser session.

JRE 8 Users

This has been fixed for JRE 8 users in JRE 1.8.0_66-b18 which is now available for download from the Oracle Java SE Downloads page. This fix is not included in JRE 1.8.0_66-b33 which fixes the Internet Explorer: Applet Launch Delayissue, meaning Firefox users can currently only run JRE 1.8.0_66-b18 to fix this issue.

Consolidated Fix

To fix both the Firefox: Session Crash and the Internet Explorer: Applet Launch Delay issues, apply JRE 1.8.0_66-b35 which is available through Patch 22286087 - Oracle JDK 8 Update 66 b35.

JRE 7 Users

This issue is fixed for JRE 7 users in Patch 22217483 - Oracle JRE 7 Update 91 b33.

Internet Explorer: Applet Launch Delay

Launching Java content through Internet Explorer will show a delay of around 20-25 seconds delay before the applet starts to load (Java Console will come up if enabled). This occurs using the following JRE releases:

  • JRE 1.7.0_91 (Pre build 33)
  • JRE 1.8.0_60
  • JRE 1.8.0_65
  • JRE 1.8.0_66 (Pre build 33)
  • JRE 1.8.0_71

This issue does not affect Firefox where the applet starts as usual after only a few seconds.

JRE 8 Users

This issue is fixed for JRE 8 users in the following releases::

JRE 7 Users

This issue is fixed for JRE 7 users in the following releases:

  • JRE 1.7.0_95 ( Patch 22187044 - Oracle JRE 7 Update 95 ) and higher releases of JRE 7.
  • JRE 1.7.0_91-b33 ( Patch 22217483 - Oracle JRE 7 Update 91 b33 ).
Note: Although Java patches may contain both the JRE and JDK releases you only need the JRE version installed on the desktop client to uptake this fix.

JRE 1.6.0_85

When launching Java through JRE 1.6.0_85 on the desktop, a command window may open from the launcher program, <JRE_INSTALL_DIR>\java\jre6\bin\jp2launcher.exe displaying the message:

Rejecting attempt to specify unsupported characters in command-line argument: -Djava.security.manager

Forms will continue to launch normally but the command window will remain open on the desktop.

This error will also not occur if using JRE 7 and JRE 6 coexistence on your desktop where for example JRE 1.6.0_85 would run on top of JRE 1.7.0_71 as outlined in Multiple Client Java Plug-in Versions.

This issue is fixed in JRE 1.6.0_91 and later. 
This issue is also fixed for 64-bit users in JRE 1.6.0_85-b31 (64-bit) through Patch 19952394 - Oracle JDK 6 Update 85 b31.

Java Update Needed

"Your Java Version is Insecure"

Trying to run a version of JRE that is below the security baseline or past its expiration date can cause the following warning message to display:

Windows 7 Users

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Clicking "Update" will download and attempt to install the latest version of the JRE Plug-in from java.com.
Clicking "Block" will stop the application from running.
Clicking "Later" will close the message and allow the application to run.

Suppressing the Message

If you want to prevent this message appearing again until the next new JRE release becomes available check the "Do not ask again until the next update is available" checkbox and then select the "Later" button.

This option updates the users deployment.properties file as follows:

deployment.expiration.decision.timestamp.10.17.2=5/14/2013 11\:0\:19 
deployment.expiration.decision.10.17.2=later 
deployment.expiration.decision.suppression.10.17.2=true

The above example is based on JRE 1.7.0_17, if the JRE version was 1.7.0_21 the numbering would be "10.21.2" rather than "10.17.2"

An administrator may update this information for all their users deployment.properties file so that they do not need to go through the manual steps outlined above on first launch.

The users deployment.properties file is held in the following directory:

Windows Vista, 7 and 8: %USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment

Other Ways to Suppress this Message

Customers who wish to keep up to date with the later Java releases but also want control over when they upgrade can prevent this message appearing by using a special build of JRE 7 which has the 'Java Auto Update Mechanism' turned off. These versions are available as a patch download, see Document 1439822.1 titled 'All Java SE Downloads on MOS' for a list of JRE versions and their patch numbers. Although Java patches contain both the JRE and JDK releases you only need the JRE version installed on the desktop client to uptake this feature.

The 'Java Auto Update Mechanism' is turned off by default on all builds of JRE 1.6.0_60 (6u60) and higher.

For further information on using this patch please see:

Document 1553875.1 - Handling New JRE Security Dialogs
Document 1557737.1 - Support entitlement for Java SE when used as part of another Oracle Product

JRE 1.7.0_40 and Higher Users

If your installed JRE 7 release falls below the security baseline, or passes it's built-in expiration date, an additional 'JRE Out of Date' warning is shown to users to update their installed JRE to the latest version.

To suppress this specific warning message, add the following entry in the deployment properties file:

deployment.expiration.check.enabled=false

For more information, see Deployment Configuration File and Properties.

JRE 1.7.0_45 (7u45) and Higher

Certificate Revocation Lists Error using LDAP URL

The Certificate Revocation Lists (CRL) check may fail if using an LDAP URL causing forms launch to fail with the following error:

java.lang.ClassNotFoundException: oracle.apps.fnd.formsClient.FormsLauncher.class

The CRL check was introduced in JRE 7u25 so this error may also be seen when using earlier releases than JRE 7u45 in certain circumstances.

How to Fix this Issue

This Issue is fixed in JRE 7u51-b32 and higher which is only available through Patch 17981166.

(All Java patches contain both the JRE and JDK releases. Only extract the JRE version of Java from the patch and install on your desktop to fix this issue.)

Workaround

If you are unable to upgrade at this time, turn off the CRL check in the Java Control Panel as a temporary workaround:

Java Control Panel -> Advanced (tab) -> Perform certificate revocation checks on -> Do not check (not recommended)

Unsigned Entry in Resource Error

Running JRE 1.7.0_45 (7u45) on an Oracle E-Business Suite environment that is using JDK 4 on the application tier will fail with the following error in the Java Console (Jar files signed against JDK 4 are not compatible with this JRE release):

java.lang.SecurityException: com.sun.deploy.net.JARSigningException: Found 
unsigned entry in resource: 
http://server1.example.com:10403/OA_JAVA/oracle/apps/fnd/jar/fndforms.jar 
at com.sun.deploy.cache.CacheEntry.getJarFile(Unknown Source) 
at com.sun.deploy.model.ResourceProvider.getCachedJarFile(Unknown Source) 
at sun.plugin.PluginURLJarFileCallBack$1.run(Unknown Source)
How to Fix this Issue

To fix this issue follow the steps below:

1. Upgrade the JDK version of your application tier node by following the appropriate document below:

  • Using Latest Java 6.0 Update With Oracle E-Business Suite Release 12 (Document 455492.1)
  • Using JDK 7.0 Latest Update with Oracle E-Business Suite Release 12.0 and 12.1 (Document 1467892.1)

2. Regenerate the jar files using the 'force' option through adadmin.

JRE 1.7.0_25 (7u25) and Higher

JRE 7u25 includes a new security function for permissions and attributes in the Jar Manifest file. This can result in the following warning messages appearing in the Java Console:

Missing Permissions manifest attribute for: https://server1.example.com:4443/OA_JAVA/oracle/apps/fnd/jar/fndforms.jar
Missing Codebase manifest attribute for: https://server1.example.com:4443/OA_JAVA/oracle/apps/fnd/jar/fndforms.jar
Missing Permissions manifest attribute for: https://server1.example.com:4443/OA_JAVA/oracle/apps/fnd/jar/fndformsi18n.jar
Missing Codebase manifest attribute for: https://server1.example.com:4443/OA_JAVA/oracle/apps/fnd/jar/fndformsi18n.jar
etc.

For further information regarding this function please see the New JAR Manifest File Attributes section within the Java 7u25 Update Release Notes.

Patch Fix

To fix this issue, apply the following patch as applicable to your Oracle E-Business Suite release. This patch also contains a number of other AD fixes which incorporate the latest jar signing architecture. For further information see Document 1591073.1 titled, 'Enhanced JAR File Signing for Oracle E-Business Suite':

Oracle E-Business Suite 12.2.x Users - Patch 17545215
Oracle E-Business Suite 12.1.x Users - Patch 17191279

JRE 1.7.0_21 (7u21) and Higher

"Your security configuration will not allow granting permission to self signed certificates"

By default, JRE 1.7.0_21 (7u21) and higher will no longer run with a 'Very High' security setting set within the Java Control Panel when using Self-Signed certificates. Trying to run Oracle Forms-based content using such a certificate will pop the following message:

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

After clicking through or closing these messages the following error will appear in the Java Console and forms will not launch:

ExitException[ 6]java.security.cert.CertificateException: Your security configuration will not allow granting permission to self signed certificates,
at sun.plugin2.applet.Plugin2Manager.isAppletTrusted(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

JRE 1.7.0_21 and higher run on a default security setting of 'High'. If you wish to use a 'Very High' security setting please sign the jar files with a Trusted Certificate. The security level can be changed using the slider under the 'Security' tab within the 'Java Control Panel'.

For full details regarding the code signing changes please see - Java Applet & Web Start - Code Signing and Setting the Security Level of the Java Client.

For further information on Jar signing in EBS see Document 1591073.1 titled, 'Enhanced JAR File Signing for Oracle E-Business Suite'.

JRE 1.7.0_11 (7u11)

Security Alert

JRE 1.7.0_11 (7u11) is a CPU security release which includes the fix for Oracle Security Alert CVE-2013-0422. It is highly recommended that customers on the JRE 7 stream upgrade to this release of higher.

JRE 1.6.0_24 (6u24)

Security Alert

JRE 1.6.0_24 (6u24) is a critical patch update which fixes security vulnerabilities in Oracle Java SE including CVE-2010-4476 (Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number) which can affect users running JRE 1.6.0_23 (6u23) and earlier.

For further information regarding this security alert please see alert-cve-2010-4476-305811.html

Although the impact of this vulnerability on desktops is minimal and the desktop will not be compromised Oracle recommends that customers upgrade to "JRE 1.6.0_24 (6u24) or higher" as soon as possible.

Java Certificate Warning - Publisher Unknown

If you are using a self-signed certificate for jar signing the Publisher will display as UNKNOWN in the Java 'Warning - Security' window when running JRE 1.6.0_24 (6u24) or higher. For further information please see Connecting to an Oracle E-Business Suite Instance for the First Time.

General Technology Issues

Adding Custom Jar Files

Adding custom jar files to appsweb.cfg through the use of "userjarfile=<custom.jar>", can cause the forms navigator to function incorrectly after the initial launch of a form. On subsequent form launches the initial navigator window is closed and a new one is opened with the new form. The standard behavior is for the subsequent form to open in the same navigator window. To fix this issue please apply Patch 10150738 by following its readme.

Adding Custom Logo's

When using your own custom logo in Oracle E-Business Suite you may see a pop up displaying the following message:

Do you want to run this application?

An Application is requesting permission to load a resource from location below.

Signing Java content is a requirement when running later JRE releases using secure settings. When adding your own custom logo it is advisable to add this to a jar file so that it is signed through the standard ADADMIN jar regeneration procedure. The following gives an example of how to do this. Your logo file can use any unique name, for the purposes of this example it is named custom_logo.gif.

Copy your logo file to $JAVA_TOP/oracle/apps/media:

$ cp custom_logo.gif $JAVA_TOP/oracle./apps/media/custom_logo.gif

Backup your fndjar.dep file:

cp $FND_TOP/java/make/fndjar.dep $FND_TOP/java/make/fndjar.dep.orig

Edit the fndjar.dep file:

Find the fndaol.jar entry within fndjar.dep and add your image to the others listed there without the extension.

oracle/apps/media/custom_logo

Save the file, then regenerate your jar files through ADADMIN.

Application Freeze/Hang Issues

Resizing the Forms Applet Window

Resizing the forms applet window multiple times may cause the application to freeze when using JRE 1.6.0_10 or JRE 1.6.0_11. This is fixed in JRE 1.6.0_12 (6u12). For further details please see Bug 7485019 - Resizing the Forms Applet Window Hangs the Forms Session.

Right Click in Forms Field

Menu access by right clicking in a forms field may cause the application to freeze when using next-generation Java Plug-in through JRE 1.6.0_10 or JRE 1.6.0_11. This is fixed in JRE 1.6.0_12 (6u12).

Windows Rendering slowly using JRE 1.6.0_10 and Higher

Certain graphics cards (for example NVIDIA GeForce, ATI Radeon) may cause windows to render and display slowly, after moving the form within the window when using next-generation JRE Plug-in technology through JRE 1.6.0_10 or higher. This issue is fixed in JRE 1.6.0_14 and higher.

If JRE upgrade is not possible at this time; to workaround the issue in Oracle E-Business Suite it is recommended to either update the appsbase.htm file on the web server OR update the individual desktop clients.

Solution1: Modify the appsbase.htm file

Change both the $OA_HTML/US/appsbase.htm and $FND_TOP/html/US/appsbase.htm files by adding the following data in the appropriate places as shown below;

1) Add - var xjavarguments = '-Dsun.java2d.d3d=false' to the 'Sun JDK Parameters Section';

var xjdkprogcolor = "%jdk_progresscolor%"
var xjavarguments = '-Dsun.java2d.d3d=false'

2) Add - IEhtml += '' + 'PARAM name= java_arguments value="' + xjavarguments + '"'; to the 'IE Section';

if(xplugin == "jdk"){
IEhtml += ' codebase="' + xpluginurl + '"';
IEhtml += '' + 'PARAM name=java_arguments value="' + xjavarguments + '"';
IEhtml += '' + 'PARAM name=legacy_lifecycle value="' + xsunpluginlifecycle + '"';

3) Add - IEhtml += '' + 'PARAM name=java_arguments value="-Dsun.java2d.d3d=false"'; to the 'IE Section';

IEhtml += '' + 'PARAM name=serverUserParams value="' + xenv + "';
IEhtml += '' + 'PARAM name=java_arguments value="-Dsun.java2d.d3d=false"'; 
IEhtml += '' + 'PARAM name=colorScheme value="' + xuics + '"';

4) Add - PARAM name=java_arguments value="-Dsun.java2d.d3d=false" to the 'Netscape Section';

PARAM name="%nparam4%"   value="%vparam4%"
PARAM name=java_arguments value="-Dsun.java2d.d3d=false"

Solution 2: Update each Individual Desktop Client

1) Open the 'Java Control Panel' on the desktop client, Control Panel -> Java

2) Add -Dsun.java2d.d3d=false to the appropriate JRE version under;

Java -> Java Applet Runtime Settings -> View -> Java Runtime Parameters

File Export / Forms Attachments Functions

JRE 1.6.0_27 (6u27) adheres more strictly to Internet Explorer browser settings. Users may find that the File -> Export and Forms Attachments functions (for example opening Word, *.rtf and Excel attachments) will not work after upgrading to this Plug-in version when running IE6, IE7 or IE8. Trying to run these functions may cause a window to open briefly before closing again and the 'File Download' window will not open.

To fix this issue please set the following browser setting within IE under the appropriate security zone (using 'Trusted Sites' as an example):

  • Navigate to: Tools -> Internet Options -> Security -> Trusted Sites -> Custom level.
  • Set: Downloads -> Automatic prompting for file downloads to Enable

This setting no longer exists in IE9 therefore these functions will not be affected by this issue when running this browser release.

Forms Launch Issues

Applet in iframe is Displayed in FWK Menu Windows

Running Java content using JRE 1.8.0_72 or higher on Oracle E-Business Suite 12.2.x can leave the applet window displaying in the FWK Menu page on the initial launch.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Patch Fix

To fix this issue, apply the patch below as approproate to your Oracle E-Business Suite release:

12.2.5 Users:

To fix this issue, apply Patch 22892644:R12.FWK.C or later by following its readme.

12.2.4 Users

To fix this issue, apply Patch 23119976:R12.FWK.C or later by following its readme.

Workaround

If you cannot apply the patch fix at this time you can workaround the issue using one of the following methods:

1. Refresh the page.
2. Click a link to open a form.

javax.net.ssl.SSLException: Received fatal alert: close_notify

In JRE 8 the Java Control Panel has the following values checked by default:

Java Control Panel -> Advanced (tab) -> Advanced Security Settings -> Use TLS 1.1
Java Control Panel -> Advanced (tab) -> Advanced Security Settings -> Use TLS 1.2

SSL users running JRE 8 may see the following error in the 'Java Console' when trying to launch forms or other Java content:

javax.net.ssl.SSLException: Received fatal alert: close_notify

SSL users running JRE 7 (where these values have been set) may see a similar error in the 'Java Console' when trying to launch forms or other Java content:

javax.net.ssl.SSLException: Received fatal alert: illegal_parameter

To fix this issue, apply the applicable "OHSTLS 1.2 with Client Certificate Authentication" patch for your EBS release as outlined in the JRE 8 Minimum Patch Requirements.

Workaround

If you are unable to apply this patch at this time or are waiting for its release on your platform, you can workaround the issue by unchecking the following values in the Java Control Panel:

Java Control Panel -> Advanced (tab) -> Advanced Security Settings -> Use TLS 1.1
Java Control Panel -> Advanced (tab) -> Advanced Security Settings -> Use TLS 1.2

FRM-92095: Oracle JInitiator version too low. Please install version 1.1.8.2 or higher.

The above error may be seen when trying to launch forms using the JRE 7.x or higher client Plug-in. To fix this issue please ensure you have applied the JRE 7 pre-requisite Patch 14614795 or later as outlined in JRE 7 Minimum Patch Requirements.

After applying the patch regenerate your jar files through ADADMIN with the the force option on.

Forms Focus Issues

OracleAS 10g Patches

Please apply the latest 10.1.2.3 Forms Bundle patch then regenerate the jar files through 'adadmin'.

For information on the latest 10g patch requirements please see Document 437878.1 titled, Upgrading OracleAS 10g Forms and Reports in Oracle E-Business Suite Release 12'.

JRE8 Users: Possible Focus Loss After Forms Launch

Clicking outside the frame onto the desktop or other application during forms launch may cause a loss of focus within the form once it's launched. This can occur in all Oracle E-Business Suite releases when using JRE 8. If this occurs pressing the 'tab' key should regain the correct focus within the form.

To fix this issue, apply Patch 21539521 or later.

Note: The latest forms MLR that also includes this fix is available through Patch 22698265. Users should apply this latest patch instead of the previous one.

Browser Window Opens Behind the Forms Window

Opening an html page from the forms navigator may cause the html window to open behind the navigator window when using Internet Explorer.

Windows Vista and Windows 7 Users

This is fixed for Windows Vista and Windows 7 users running the default IE tab browser settings or using non tab browser settings in JRE 1.6.0_27 (6u27).

Workarounds

If you are unable to upgrade the Java Plug-in at this time please try one of the following workarounds.

1. Alter the tabbed browser settings in IE7 or IE8

To workaround this issue when using IE7 or higher select the following options in the browser;

'Tools' - 'Internet Options' -> 'General' -> 'Tabs' -> 'Settings' -> 'Enable Tabbed Browsing' -> 'Always switch to new tabs when they are created'.

Also select either 'Let Internet Explorer decide how pop-ups should open' OR 'Always open pop-ups in a new tab' from;

'Tools' -> 'Internet Options' -> 'General' -> 'Tabs' -> 'Settings' -> 'Enable Tabbed Browsing' -> 'When a pop-up is encountered:'

2. Alter the Registry Settings using TweakUI (XP Users)

The Microsoft power tool TweakUI is only available for Windows XP. Altering the registry settings as follows may resolve the issue for all Internet Explorer versions.

  1. Download TweakUI Power Toy from the Microsoft link or other source
  2. Install Tweak UI on the desktop
  3. Select 'Start' -> 'Run' on the desktop and enter tweakui
  4. In the Tweak UI window select 'General' -> 'Focus' and uncheck 'Prevent applications from stealing focus'.

3. Turn off Next-Generation Java

Turning off next-generation java will workaround the issue for all Internet Explorer versions (IE6 and higher) when using the default browser settings. This can be turned off as follows:

Control Panel -> Java -> Advanced -> Java Plug-in -> Enable the next-generation Java Plug-in (requires browser restart)

Firefox Users

This issue is fixed for users running Firefox in JRE 1.6.0_30 (6u30) and higher by setting the following browser options:

  • Tools -> Options -> Content -> Enable JavaScript (checked)
  • Tools -> Options -> Content -> Enable JavaScript -> Advanced… (button) -> Raise or lower windows (checked)
  • Tools -> Options -> Tabs -> Open new windows in a new tab instead  (unchecked)

Type Ahead in Forms

If focus is moved out of the window, while a form is loading (for example if a message window pops up and takes the focus), any characters that were typed before the form opened will not register in the form. This is expected behavior with the native JRE Plug-in.

Forms Closure Issues

Internet Explorer "Close Window" Link - Modal Window

“The webpage you are viewing is trying to close the tab, Do you want to close this tab?”.

Using the "Close Window" link within an HTML page opened from the "Forms Navigator Menu" through Internet Explorer can cause the following modal window to pop.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

This requires the user to acknowledge they wish to close form by clicking the 'Yes' button therefore creating an extra keystroke.

To fix this issue please upgrade to JRE 1.6.0_27 (6u27) or higher.

Mismanaged Cookie Session Issue

Note: The fix for the Mismanaged Session Cookie Issue is included in the standard release of JRE 1.6.0_23 (6u23) and higher which is available through the usual channels.

Update through the Java Update Mechanism

Users running either of the following two patched JRE releases cannot rely on the Java update mechanism to upgrade to the latest JRE release:

The Java update mechanism is disabled within these releases and cannot be re-enabled through the 'Java Control Panel'. Users must therefore download and install the latest JRE Plug-in from another source. After installing the latest JRE release the Java update mechanism will once again be enabled allowing full functionality.

The Java update mechanism is fully functioning in the usual way for users running the JRE 6u22 patched release listed below:

Running any of the following functionalities using JRE 1.6.0_18 (6u18) through to JRE 1.6.0_22 (6u22) with Internet Explorer 6 or 7 may error with;

'fndgfm.jsp error : The current session is invalid. Unable to proceed without a valid session'.

  • 'File -> Export' functionality
  • Opening attachments in forms
  • Opening an HTML form to a new window from forms.
  • Opening an Applet in a new window from forms
  • Trying to logon again after forms session timeout fails

To fix this issue it is recommended that users upgrade to JRE 1.6.0_23 (6u23) or higher. If you cannot upgrade at this time it is recommended to remain on JRE 1.6.0_17 (6u17) or use one of the patched releases of the JRE 6u22, JRE 6u21 or JRE 6u20 streams of the Plug-in. These versions are only available through the following patches:

JRE 1.6.0_22 build 3 (6u22-b03) through Patch 10189354
JRE 1.6.0_21 build 8 (6u21-b08) through Patch 10021403
JRE 1.6.0_20 build 5 (6u20-b05) through Patch 9915543

Note: If you are affected by this issue, do not download JRE 1.6.0_22, JRE 1.6.0_21 or JRE 1.6.0_20 through the usual channels or through the Java Auto Update Mechanismas these releases do not contain this fix. The standard Java SE versions available are:

JRE 1.6.0_22 build 4 (6u22-b04)
JRE 1.6.0_21 build 6 (6u21-b06)
JRE 1.6.0_20 build 2 (6u20-b02)

Patch Installation Instructions for the Desktop

The patch can be downloaded and installed directly to a desktop as follows:

1. Download the required patch to your desktop 
2. Extract the j2se160xx.exe (where xx = the version of JRE you are installing) 
3. Run the executable to install the Plug-in

Distributing the Patched Releases of the JRE Plug-in to Users

If you wish to distribute a patched release of the JRE Plug-in as a download through Oracle E-Business Suite follow the standard JRE Plug-in upgrade instructions in this document. If users are upgrading to a higher JRE release the Plug-in will be downloaded and installed in the usual way as described in this document.

If users have already installed the same Plug-in version number that does not include the fix from the usual download sources or through the 'Java Auto Update Mechanism', they will not be offered the Plug-in release for download from Oracle E-Business Suite until the current version is uninstalled from the desktop. Using JRE 1.6.0_22 (JRE 6u22) as an example:

JRE 1.6.0_22 (JRE 6u22) Users

If you already have JRE 1.6.0_22 build 4 (JRE 6u22-b04) from the usual download site or through the 'Java Auto Update Mechanism' installed on your desktop, uninstall it as follows:

Uninstall the existing JRE 6u21 Plug-in

1. Uninstall the Plug-in from your desktop (see Uninstalling a JRE Plug-in Version from your Desktop Client)
2. Install the new release on the desktop or download it through Oracle-E-Business Suite

Alternatively, if you download the JRE 6u22-b03 release from Patch 10189354 you can simply overwrite the existing version with the newer release as follows:

Overwriting your Existing JRE6u22 Release

1. Run the patched j2se16022.exe on the desktop 
2. A Java Setup window will open stating;
"This software has already been installed on your computer. Would you like to reinstall it?"
3. Click the "Yes" button
4. Continue with the installation

Workaround

To workaround the issue please disable next-generation java through the 'Java Control Panel' as follows:

Control Panel -> Java -> Advanced -> Java Plug-in -> Enable the next-generation Java Plug-in (requires browser restart)

Note: Turning off next generation java can cause forms launch issues in certain very specific circumstances, see Forms Launch Issues for further information. Running JRE 6u20-b02 may also prevent the file opening when running the 'File->Export' functionality. Please apply Patch 9915543 (JRE 6u20-b05) and turn next generation java on again to fix the problem.

For further information also see Document 1054293.1 .

NLS/MLS Issues

Chinese (*) Characters

Characters in any workflow diagram are incorrectly displayed when using 'Chinese (*)' locale settings on the desktop client, running JRE 1.6.0_17 (6u17) or JRE 1.6.0_18 (6u18). For further details please see Bug 9383553 - Fonts Incorrectly Displayed in Workflow Diagram Using JRE 6u18. This issue is fixed in JRE 1.6.0_19 (6u19)

Accented Characters in Modal Windows

Where two or more keys are required to input accented characters, the accent does not appear when typing into a modal window. For example in the 'Find' field of an LOV, only the non-accented character will show. If you are using Oracle Forms version 10.1.2.2 or earlier, please apply Patch 5526175.

Japanese JIS X 0213:2004 Character Set

The Japanese 'JIS X 0213:2004 Character Set' is included in Windows Vista and is also available through a Microsoft package for Windows XP. This character set only provides partial support for the Oracle E-Business Suite. There is no support for the supplementary character set, while combining characters is partially supported with the appropriate fonts. Currently, there is no Oracle font support, however a solution to this issue is being investigated and will be announced in due course.

Arabic Characters

When Arabic characters Alef and Lam are joined in the middle of a word, they appear incorrectly at runtime. This issue is fixed in JRE 1.5.0_17 and JRE 1.6.0_12 (6u12).

Security Warning Running JRE 6u19 and Later

"Java has discovered application components that could indicate a security concern"

JRE 6u19 and higher include a security setting parameter called, 'Mixed Code (sandboxed vs. trusted) security verification' which checks for the use of mixed code (signed and unsigned) when running an application.

By default the following warning dialog window will display when running certain forms and functionalities in Oracle E-Business Suite.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

This may occur when running certain forms or functions due to the associated (*.gif) files, for example:

  • Forms Attachments
  • Receivables Transactions form (ARXTWMAI) - (previewscreen_enabled.gif)
  • Telesales eBusiness Center form (ASTRCALL) - (meet.gif)
  • Create Service Request form (CSXSRISR) - (adddocumenttolist_enabled.gif, create_enabled.gif)
  • Maintenance Workbench form (EAMPLNWB) - (runforecast_enabled.gif)
  • Qualifier Setup form (QPXPRQFS) - (aftbar.gif)
  • Order Organizer form (OEXOEORD) - (contextflexfield_enabled.gif)
  • Work Orders Form (EAMWOMDF) - (bomphand.gif, bomcnct.gif)
  • Graphical Kanban Workbench (FLMKBNWB) - (flmphand.gif, flmcnct.gif)

To continue to the form or function click the 'No' button. After selecting this option the form or function will behave normally and the message will not appear again for the remainder of that browser session.

For further information see the Mixing Signed and Unsigned Code webpage.

Available Fixes

Release 12.1.x Users

To fix this issue, apply Patch 17259273:R12.TXK.B (which includes fndjar.dep version 120.55.12010000.35) or later.

Workarounds

If you are unable to apply this patch fix at this time, one of the following workarounds can be used to prevent the activation of the warning window and allow the affected functionalities to work normally in the meantime.

Java Control Panel

Select the following option in the 'Java Control Panel' from the desktop client;

  • Start -> Control Panel -> Java (icon) -> Advanced -> Security -> Mixed Code (sandboxed vs. trusted) security verification
  • Check the option 'Enable - hide warning and run with protections'
  • Click the 'OK' button

deployment.properties File

Add the following entry to the deployment.properties file on the desktop client;

  • deployment.security.mixcode=HIDE_RUN

For information on updating the deployment.properties file, please reference the Deployment Configuration File and Properties document.

SSL Issues

JRE 7 SSL Error

Forms launch may fail for users running JRE 7 on SSL enabled Oracle E-Business Suite environments with the following error in the Java Console:

javax.net.ssl.SSLException: Received fatal alert: illegal_parameter
etc...

To fix this issue please apply the 10.1.0.5 (32-bit) version of Patch 6370967 - 'TLS 1.0 handshake fails when the client is running on Vista' to AS 10.1.3 with OPatch. (Note: This patch is also required for Windows XP and Windows 7)

Note: This fix is already included in the April 2011 AS 10.1.3.5 CPU patch and later, therefore this patch is not required if you have already installed an appropriate CPU patch. For further information on CPU patch releases please seeCritical Patch Updates

SSL Enabled Webcache Environments

If you are connecting to an SSL enabled Webcache instance using JRE 1.6.0_xx please ensure the following parameter is checked in the 'Java Control Panel' on the desktop client';

Control Panel -> Java -> Advanced (tab) -> Use SSL 2.0 compatible ClientHello format

JRE 6 is not truly SSL 2.0 compatible TLS 1.0 clients that support SSL Version 2.0 servers must send SSL Version 2.0 client hello messages. TLS servers should accept client hello format if they wish to support SSL 2.0 clients on the same connection port.

Without this parameter checked, forms will not launch and the following error will appear in the java console;

load: class oracle/apps/fnd/formsClient/FormsLauncher.class not found.
java.lang.ClassNotFoundException:
oracle.apps.fnd.formsClient.FormsLauncher.class
(etc)...
Caused by: javax.net.ssl.SSLException: Received fatal alert:
unexpected_message at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
(etc)...

Product Specific Issues

Customers Online Users

'Visualize Relationships' may not display through Customers Online. The applet window will open with an error, displaying a red cross in the corner. This is due to a JRE Plug-in mismatch between the version being used by Oracle E-Business Suite and the version that is stipulated in the WF_RESOURCES table. For further details please see Bug 9560111 - Visualize Relationships Applet Fails to run with JRE.

Workaround

To workaround the issue if you are unable to apply the patch fix at this time, please update the WF_RESOURCES table with the dynamic classid to allow the use of the latest available Plug-in on any users desktop as follows;

update wf_resources
set text = '8AD9C840-044E-11D1-B3E9-00805F499D93'
where name = 'WF_CLASSID';

update wf_resources
set text = '1.6+'
where name = 'WF_PLUGIN_VERSION';

commit;

Discoverer Users

Discoverer with JRE 1.8

Discoverer users running JRE 1.8.0_25 or higher must upgrade to Oracle BI Discoverer (11g) 11.1.1.7 and also apply Patch 20219002 by following its readme.

Discoverer with JRE 1.7

Discoverer users running OracleBI Discoverer (11g) 11.1.1.7 or higher should apply Patch 20219002 by following its readme.

Discoverer users running JRE 1.7.10 or higher must upgrade to Oracle BI Discoverer (11g) 11.1.1.6 or higher.

Discoverer (11g) 11.1.1.6 users must apply Patch 13877486. (Also see Document 233047.1 titled, 'How To Find Oracle BI Discoverer 10g and 11g Certification Information').

Discoverer with JRE 1.6

Discoverer users running JRE 1.6.0_03 or higher must upgrade to Oracle BI Discoverer 10.1.2.2 CP6 or higher.

JVM Shared, not allowed to set security manager

Discoverer may display the following error when trying to launch from another application or a managed link URL:

SecurityException:
JVM Shared, not allowed to set security manager

To fix this issue please apply the following patch as applicable to your Discoverer release:

Oracle BI Discoverer (11g) 11.1.1.7 Users - Patch 17303613

Oracle BI Discoverer (11g) 11.1.1.6 Users - Patch 17319353

Internet Explorer Users

Multiple Java Console Windows Open

With the 'Show Console' option set in the Java Control Panel, launching a forms based application through IE may cause two separate 'Java Console' windows to open. Accessing further applets from the same Oracle E-Business Suite session may also cause further 'Java Console' windows to appear. This is expected behavior due to Loosely-Coupled IE (LCIE). This functionality splits the browsers frame and its tabs into separate processes on the desktop to improve performance and browser recovery if a tab crashes. This will not always be seen because not every tab will necessarily be started in its own process because LCIE will attempt to balance reliability with performance. Therefore the issue of multiple java console windows is most likely to be seen if running from a high specification multi-core processor desktop.

If required you can prevent the java console from appearing by running the following from your desktop client;

Control Panel -> Java icon -> Advanced tab -> Java Console -> select the 'Hide Console' radio button

Windows Users

JRE Cache Directory

The JRE cache directory can no longer be changed through the Java Control Panel. The Change button is disabled under 'Java Control Panel' -> 'General' (tab) -> 'Settings' -> 'Location'. The default cache is set to a low-integrity directory under the users home:

%USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment\cache

Users wishing to change the cache location must do so through the deployment.properties file:

%USERPROFILE%\AppData\Sun\Java\Deployment\deployment.properties

For information on updating the deployment.properties file, please reference the Deployment Configuration File and Properties document.

Note: If the cache directory is changed to a non low-integrity directory, 'Protected Mode' must be turned off within Internet Explorer 7 at runtime to allow the initial download of new or updated jar files into that cache directory. With 'Protected Mode' turned on, users may get a class not found error in the java console, which stops the application from launching. Once all the files are loaded into the cache, the application will launch correctly with 'Protected Mode' turned on. 'Protected Mode' in IE7 is set through the the appropriate browser security zone in 'Tools' -> 'Internet Options' -> 'Security' (tab) -> 'Trusted Sites' -> 'Enable Protected Mode'. (Trusted Sites is the recommended security zone for use with Oracle E-Business Suite).

Section 6: Appendices

Appendix A: Information for JRE 64-bit Users

Running 64-bit JRE with IE11

Internet Explorer runs in a multi-process architecture whereby there is a Frame (Manager) process and one or more Tab (Content) processes. There is no longer a separate 32-bit and 64-bit install of the browser when running a 64-bit version of Windows. To use JRE 64-bit versions with IE11 see the browser set up requirements under 'Internet Explorer: Running IE 11 in 64-bit Mode' within Document 389422.1.

Java Control Panel

The 64-bit version of JRE does not include the 'Java Auto Update Mechanism' that is available in the 32-bit version. Therefore the 64-bit 'Java Control Panel' does not include an 'Update' tab.

If both the 32-bit and 64-bit JRE versions are installed on the desktop the 64-bit 'Java Control Panel' will default as the viewable version under ' Control Panel':

Control Panel -> Java (icon)

You can view the 32-bit version of the 'Java Control Panel' by running the 'javacpl.exe' from the JRE installation directory, for example:

C:\Program Files (x86)\Java\jre6\bin\javacpl.exe

Appendix B: Static vs Non-Static Versioning and Set Up Options

This section provides information regarding the historical use of 'Static Versioning' and the current 'Non-Static Versioning' models and set up options for Oracle E-Business Suite users.

Overview

Static Versioning (Historical information)

Static versioning denotes the behavior by which a specific version of the Java Plug-in must be used to access an application regardless of whether later JRE Plug-in versions were also installed on the desktop client. This was the default behavior when accessing Oracle E-Business Suite through Oracle JInitiator. This behavior could also be maintained using classic JRE Plug-in releases (JRE 1.6.0_07 and lower) through registry changes on the desktop which ceased with the introduction of next-generation Java (JRE 1.6.0_10 and higher). With static versioning Oracle E-Business Suite would use a specific Plug-in version meaning users could only access the instance if using that particular Plug-in version.

Advantages

  • The web server retains control of the Plug-in version used by all users to access Oracle E-Business Suite.

Disadvantages

  • Taking advantage of the latest (and therefore most secure) Plug-in release requires the web server to be updated with the new Plug-in information before it can be rolled out to the users.
  • Retaining this model requires updates to every desktop client (Unless using the next-generation Java Plug-in technology which then causes extra modal windows to open).
  • It's an outdated concept that goes against the recommendation to use non-static versioning and push Java Plug-in version control to the desktop client.

Non-Static Versioning

Non-Static versioning denotes the behavior by which the latest (and therefore the most secure) Java Plug-in version installed on the desktop client is used to access an application. With this model the Plug-in version set on the web server is the minimum version that can be used to run a forms-based (professional user interface) responsibility from the desktop client. If multiple versions equal to or greater than the version specified are installed on the desktop client the preference will be to connect using latest available version.

Note: Non-static versioning shifts the emphasis of which Plug-in version is used onto the desktop client rather than the version specified on the web server.

Using the Next Generation Java Plug-in Technology

With JRE 1.6.0_10 or higher installed on the desktop client, next generation Java Plug-in technology will be enabled by default. The emphasis of Plug-in version selection and maintenance is shifted towards the desktop client.

JRE 1.6.0_10 and higher uses patch-in-place 'Family JRE' mode by default when installing higher releases of the Plug-in (By default installation is in "C:\Program Files\Java\jre6"). This means that the new install will patch into the same directory used by the old release, overwriting it. To maintain multiple versions with these releases requires install using 'static' mode' (User must change the directory path when installing e.g. "C:\program Files\Java\jre1.6.0_32").

Advantages

  • The web server does not require updating for each new Plug-in release.
  • It is a simple solution for users to run the latest and most secure Plug-in release.
  • This adheres to the recommendation of using non-static versioning and pushing Java Plug-in version control to the desktop client.

Disadvantages

  • It is harder to prevent the use of particular Plug-in versions.

Set Up options

Java Auto Update Mechanism (32-bit JRE)

By default the 'Java Auto Update Mechanism' is enabled in the 'Java Control Panel' when a 32-bit JRE Plug-in is installed on the desktop client. With this enabled users may be automatically upgraded to a later JRE version on their desktop client.

Note: Turning this feature off will not prevent the possibility of an admin user downloading a higher Plug-in version from another source, for example another application or web page Installing another Plug-in version in this way can re-enable the default automatic update behavior.

Note: The 'Java Auto Update Mechanism' is not included in the 64-bit version of the JRE Plugin. JRE (32-bit) versions without the 'Java Auto Update Mechanism' are also available through patch download as outlined in Document 1439822.1, titled 'All Java SE Downloads on MOS'.

Disabling the Java Auto Update Mechanism

JRE Releases with Auto Update Off

Customers that wish to control when their users are upgrade to the latest JRE release may use special versions of the JRE Plug-in that have the 'Java Auto Update Mechanism' turned off. JRE Plug-in releases with Auto Update turned off can only be downloaded through My Oracle Support. The required patch number is listed in the JRE Parameter Settings table within this document. These are also listed in Document 1439822.1, titled 'All Java SE Downloads on MOS' and look for patches named 'Oracle JRE X Update XX with Auto Update Off' e.g. 'Oracle JRE 7 Update 79 with Auto Update Off'.

Auto Update is turned off by default on all builds of JRE 1.6.0_60 (6u60) and higher.

Standard JRE Releases

To prevent the automatic update of higher JRE Plug-in versions this feature may also be disabled when using a standard JRE release with one of the options below:

Option 1: From the 'Java Control Panel'

  • From the 'Start Menu', select 'Control Panel'
  • Double click the 'Java' icon
  • Select the 'Update' tab
  • Uncheck the 'Check for Updates Automatically' box
  • Click the 'Never Check' button on the 'Java Update -Warning' pop up window
  • Click 'OK' to close the 'Java Control Panel'

Option 2: Through the Registry

  • Set all the following keys to 0:
    • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy\EnableJavaUpdate
    • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy\NotifyDownload
    • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy\NotifyInstall
  • If required you may also delete the following key to stop the 'jusched.exe' program launching on startup which will remove the 'update' tab from the java control panel. (This is put back if you later install JRE):
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched

Before editing the Microsoft Windows registry, users are strongly advised to review Windows registry information for advanced users (Microsoft Knowledge Base Article 256986).

Multiple Client Java Plug-in Versions

This section provides an overview of the coexistence of multiple JRE Plug-in versions installed on a single desktop client for use through Internet Explorer.

Note: If you require further control over calling different JRE releases for different applications or security access see the Deployment Rule Set. documentation.

Firefox Browser: If using a Firefox browser it is not possible to run multiple JRE versions simultaneously from the same desktop client as the same user. This browser uses a single cookie session which restricts usage to a single Java version per desktop client at a time. You can access environments using different JRE versions from the same desktop client, but the previous browser session must be completely closed down and a new one started before running a different JRE version. You may still access the same Oracle E-Business Suite environment simultaneously using different JRE versions, but only by using separate desktop clients. Each desktop client would use a specific JRE version.

Coexistence of Different JRE Families on the Desktop Client

In the correct circumstances two different JRE families may seamlessly coexist on the same desktop client and allow connection to the same or multiple Oracle E-Business Suite environments using one plug-in or the other. This can be useful for testing purposes and connection to multiple Oracle E-Business Suite environments that may be calling different Plug-in streams. It may also be possible to connect to the same environment using different Plug-in streams seeAdding Additional JRE Plug-in Versions in EBS.

JRE 1.6.0_121: Coexistance using JRE 1.6.0_121 will no longer function. Using this release in such a scenario may display the following error or similar in the Java Control Panel.

java.lang.ClassCastException:com.sun.net.ssl.internal.ssl.X509TrustManagerImpl
cannot be cast to com.sun.deploy.security.X509ExtendedDeployTrustManager

It is recommended that JRE 6 users run on the latest and therefore most secure release available on the JRE 6 stream.

Security Baseline

The 'Java Security Baseline' function is applicable when different JRE family versions are installed on the desktop client and the web server is calling a lower JRE family version.

The security baselines for the recent releases are as follows:

JRE 8 Security Baseline JRE 7 Security Baseline JRE 6 Security Baseline
1.8.0_101

1.7.0_111

1.6.0_121
1.8.0_91 1.7.0_101 1.6.0_115

The security baselines for each JRE version are stated in the Update Release Notes.

Coexistance Using the Latest JRE Releases

Running different JRE streams seamlessly from the same desktop using the recommended Java security setting or higher (High or Very High) requires the latest available JRE CPU release with the equivalent JRE family baseline. In some cases you may also be able to run this function using a primary release below the latest CPU, however it will cause extra pop-ups and may not function at all.

Note: Ensure you have applied the Jar Manifest permissions and attribute fix to all environments where you require coexistence even if it is running JRE 6, see JRE 1.7.0_25 (7u25) and Higher for the patch requirements. Although this security change is a JRE 8 and JRE 7 requirement you will still require this fix on an environment where you also want to run JRE 6. This is because that environment will initially launch using JRE 8 or JRE 7 which will check the suitability of the Jar file manifest before attempting to hand over control to JRE 6.
Examples:

The table below gives some examples outlining the expected behavior when running multiple JRE releases from the same desktop client. Your web server must explicitly call the secondary JRE version as shown in the table. Java content will initially launch using the primary (highest) JRE family release which will then evaluate certain 'rules', once satisfied it will pass control to the secondary (lower) JRE family release.

Note: When running on the recommended 'High' or 'Very High' security settings; where the expiration date of a JRE release has been reached this function will stop working causing the Warning - Unavailable Version of Java Requested message to pop. JRE expiration dates are available in the JRE 8 Release Notes and JRE 7 Release Notes. JRE releases will expire upon the release of a later version that includes security fixes if you are accessing an Oracle server. For systems unable to reach Oracle servers, the JRE will expire one month later through an internal mechanism. For further information see the JRE Expiration Date page.

Desktop Client
Primary Version

Desktop Client
Secondary Version

web server version
(appsweb.cfg) 1

Java Console Output Example
1.8.0_101 1.8.0_91 clsid:CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA
sun_plugin_version=1.8.0_91
Java Plug-in 11.101.2...
Using JRE version 1.8.0_91 Java HotSpot(TM)..
1.8.0_102 1.7.0_111 clsid:CAFEEFAC-0017-0000-0111-ABCDEFFEDCBA
sun_plugin_version=1.7.0_111
Java Plug-in 11.102.2...
Using JRE version 1.7.0_111 Java HotSpot(TM)..
1.7.0_111 1.7.0_101 clsid:CAFEEFAC-0017-0000-0101-ABCDEFFEDCBA
sun_plugin_version=1.7.0_101
Java Plug-in 10.111.2...
Using JRE version 1.7.0_101 Java HotSpot(TM)...

1 Internet Explorer uses the clsid value for calling the JRE version. Mozilla Firefox uses the sun_plugin_version value for calling the JRE version.

Coexistence Known Issue: 3-Digit Point Release Versions Not Recognized by Java 8

It is currently not possible to run 3-digit point release versions of JRE on top of JRE 8. Only the final 2-digits are recognized and therefore the correct version is not found. For example if trying to use the coexistance rules to run JRE1.7.0_101 on top of JRE 1.8.0_91 a pop up message will display stating:

"This application would like to use a version of Java (1.7.0_01) that is not installed on your system.We recommend running the application with the latest version of Java on your computer."

If you click the "Run with the latest version" button, the Java content will simply launch using JRE 1.8.0_91.

Fix

This issue is fixed in JRE 1.8.0_102.

Coexistence Using Older JRE Releases

It is recommended that users upgrade to the latest JRE CPU release running on 'High' or 'Very High' Java security settings. Using the default settings you cannot run older versions of JRE together. Coexistence of older JRE versions can be achieved but it requires the Java security levels to be lowered. This is therefore not recommended as a long term solution but can be useful for testing purposes for example. Versions that are 2 below the latest security baseline, or versions that are past their expiry date can be deemed Older versions. The following provides a brief overview of the required settings for running older versions of JRE from different families together. The same principles can be used if you wish to run two versions from the same family.

Running JRE 8 and JRE 7 from the same desktop
  • Ensure the web server is set to call the version of JRE 7 you want to use
  • From the Java Control Panel:
    • Add the your environments URL (e.g. https://server.example.com:4443) under: Security (tab) -> Exception Site List.
    • Click Security (tab) -> Restore Security Prompts -> Restore All
    • Clear the Cache: General (tab) -> Settings -> Delete Files
Running JRE 8 and JRE 6 from the same desktop
  • Ensure the web server is set to call the version of JRE 6 you want to use
  • From the Java Control Panel:
    • Add the your environments URL (e.g. https://server.example.com:4443) under: Security (tab) -> Exception Site List.
    • Click Security (tab) -> Restore Security Prompts -> Restore All
    • Uncheck later TLS settings: Advanced (tab) -> Advanced Security Settings -> TLS 1.1 and 1.2
      • (These are checked by default in JRE 8)
    • Clear the Cache: General (tab) -> Settings -> Delete Files
Running JRE 7 and JRE 6 from the same desktop
  • Ensure the web server is set to call the version of JRE 6 you want to use
  • From the Java Control Panel:
    • Reduce the security level to Medium: Security (tab) -> Security Level
    • Click Security (tab) -> Restore Security Prompts -> Restore All
    • Clear the Cache: General (tab) -> Settings -> Delete Files

Dynamic and Family CLSID

In most cases users will continue to upgrade their EBS web server using a CLSID pointing to a specific version. If you are using the latest JRE upgrade scripts through the application of Patch 21624242 there is the additional option of using the 'Dynamic' or 'Family' CLSID in your configuration if required. This is outlined in Section 3: Upgrade and Configuration within this document. While these can be used to exert some control of Java selection, they will still adhere to the usual Java security rules.

The 'CLSID' value is used by Internet Explorer when ascertaining the version of Java to use when running any Java content and is therefore only applicable when using that browser. Firefox uses an open 'mimetype' along with the java_version parameter and therefore provides limited java version control.

Numeric CLSID

Using a numeric CLSID pointing to a specific JRE release is is what has been used historically with Oracle E-Business Suite. This is useful for controlling the minimum JRE version that can used for security or other reasons. The version set here specifies the minimum version of JRE that can be used to access any Java content. If multiple versions are installed on the desktop it will initially try and launch on the latest version from highest JRE family available that is greater than the version specified by the CLSID. Depending on the security rules and the Security Baseline the specified version may then be used to run the Java content.

Dynamic CLSID

The Dynamic CLSID will try to run using the latest version from the highest Java family installed on the desktop. It will only try to download a Java version from the EBS web server if there is no version of JRE available on the desktop. This can be useful if you have different users running different JRE releases and/or families.

Family CLSID

Using the Family CLSID will try and run with the latest version of JRE it can find on the desktop of the stated Java family or a higher Java family. For example if you are using the Family CLSID and have both JRE 6 and JRE 7 installed, Java content will try and launch using the latest version of JRE 7 it can find. If you also have JRE 8 installed it will launch using the JRE 8 release. This can be useful if you have different users running different versions and/or families but you want to restrict users running an old Java family release.

General Warning Messages

Warning - Unavailable Version of Java Requested

Trying to call a version of Java that is past it's expiration date when using the recommended 'High' or 'Very High' security settings will cause the following warning message to pop.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Selecting 'Run with the latest version' will cause forms to launch using the higher JRE version on your desktop.

Selecting 'Cancel' will prevent forms from launching.

An Application would like access to an out-of-date version of Java

If you have JRE 1.7.0_21 or higher installed on your desktop with Java security set at 'Medium' (Not Recommended) or have JRE 1.7.0_17 or earlier installed on your desktop running with their default Java security settings the following security warning may display:

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Selecting 'Run with the latest version on your system...' will cause forms to launch using JRE 1.7.0_25.

Selecting 'Allow this application to run with the requested version...' will launch using JRE 1.6.0_43 on top of JRE 1.7.0_25.

The choice made by the user in response to this security message is stored in the Java cache. Choosing which version to use is therefore remembered when accessing the environment in future and the warning will not pop again. If you wish to change your choice and run using the other the version to access the environment you can make this message pop again as below:

JRE 1.7.0_40 and Earlier

If running JRE 1.7.0_40 or earlier you can restore the security certificates by clearing the 'Installed Applications and Applets' in the Java Cache:

Java Control Panel -> General (tab) -> Settings (button) -> Delete Files (button) -> (Select) Installed Applications and Applets -> OK (button)

JRE 1.7.0_45 and Later

If running JRE 1.7.0_45 or later you can restore the security certificates by selecting the 'Restore Security Prompts' button:

Java Control Panel -> Security (tab) -> Restore Security Prompts (button) -> Restore All (button)

Note: Running two JRE Plug-in versions from the same desktop client can be managed seamlessly by using IE8 or IE9 32-bit and 64-bit browser as outlined in Appendix A: Information for JRE 64-bit Users.

Adding Additional JRE Plug-in Versions in EBS

It is recommended that only one JRE version is used to access a single Oracle E-Business Suite instance

There may be occasions where it is desirable to test and compare changes in functionality or security across different Plug-in versions in a test system. Users may access the same Oracle E-Business Suite instance from the same desktop client using different JRE client Plug-in versions in the following ways.

The txkSetPlugin script outlined in Step 2.1. Apply the JRE Interoperability Patch section above, is only run for the version of JRE that you wish to have as your default Plug-in.To add additional JRE versions to be run against the same environment follow the steps below.

Adding a JRE Version

Using JRE 1.6.0_91 as an example.

1. Copy the j2se16091.exe file to your $OA_HTML directory to allow user download of the Plug-in at runtime. (The sun_plugin_url parameter below denotes the Plug-in file name and download directory).

2. Take a backup copy of your original $FND_TOP/admin/template/forms_web_1012_cfg.tmp file.

3. Add the following information under [myExtensions] at the bottom of your $FND_TOP/admin/template/forms_web_1012_cfg.tmp file.

Substitute the environment values as appropriate to your own environment. The connectMode and serverPort settings can be copied from your $INST_TOP/ora/10.1.2/forms/server/appsweb.cfg file as required.

Servlet Example:

[J16091]
connectMode=servlet
serverPort=9000
sun_plugin_classid=clsid:CAFEEFAC-0016-0000-0091-ABCDEFFEDCBA
sun_plugin_version=1.6.0_91
sun_plugin_url=https://server1.example.com:8000/OA_HTML/j2se16091.exe
sun_plugin_mimetype=application/x-java-applet
sun_plugin_legacy_lifecycle=false
plugin=jdk
;

4. Enter the forms URL against the ICX: Forms Launcher profile at user level for the appropriate E-Business Suite user. (If required, you may set up a new user through the System Administrator Responsibility for this). In this example, logging in as this user will cause JRE 1.6.0_91 to be used as the Plug-in instead of the default version providing JRE 1.6.0_91 is the highest available version of JRE available on that particular desktop client or a suitable security baseline release.

The name you used in the update above under step 3, e.g. [J16091] must be referenced as the 'config' parameter like the example below:

https://server1.example.com:4443/forms/frmservlet?config=J16091

5. Run autoconfig to filter the changes through to the runtime version of appsweb.cfg.

Appendix C: Desktop Client Information

Accessing Oracle E-Business Suite from a Desktop Client

Administrator privileges are required for installing all JRE Plug-in versions on the desktop client.

IE Browser Settings for User Download of the Java Plug-in (oaj2se.exe)

Oracle recommends that customers running Oracle E-Business Suite through a Microsoft Internet Explorer (IE) browser should use a 'Medium' security setting through the 'Trusted Sites' zone in the browser at runtime. Further information on browser settings are available from Document 389422.1 titled, 'Recommended Browsers for Oracle E-Business Suite Release 12'.

If the appropriate Plug-in or higher is not already installed on the desktop client, you should be prompted to download it when trying to connect to a 'forms link' through an Oracle E-Business Suite forms-based (professional user interface) responsibility.

Note: The oaj2se.exe can usually be downloaded manually by adding '/OA_HTML/oaj2se.exe' to the base url of the environment. For example; if the base url of the environment was 'https://server1.example.com:4443', you could run 'https://server1.example.com:4443/OA_HTML/oaj2se.exe'.

With a medium security setting, after clicking on a 'forms link', a message similar to the following should appear at the top of the browser window;

JRE 6 Users

"The website wants to install the following add-on: 'Java(TM) Runtime Environment 6.0 Update 38' from 'Sun Microsystems, Inc.'. If you trust this website and the add-on and want to install it, click here..."

JRE 7 Users

'The website wants to install the following add-on: 'Java SE Runtime Environment 7.0 Update 10' from 'Oracle America, Inc.'. If you trust this website and the add-on and want to install it, click here...'

If you see this message, follow the steps below to install the Plug-in:

  1. Click on the message above and select 'Install ActiveX Control...'
  2. Once the browser has stopped processing, click on the 'forms link' again, and the oaj2se.exe file should start to download
  3. Once the download has completed, a security warning pop-up window will ask, 'Do you want to install this software?'
  4. Click on the 'Install' button and follow the on screen instructions

Alternatively, you can avoid this message by temporarily altering the security settings for the initial install, using one of the two methods below. Once the Plug-in has been installed on the desktop client, the browser security settings should be reset to 'medium'.

Method A: Change Security Setting to Medium-low

  1. Select 'Tools' -> 'Internet Options -> 'Security' (Tab)' from the browser menu.
  2. Select 'Trusted Sites' -> 'Custom Level' (button)
  3. From the 'Reset custom settings' drop down select 'Medium-low'
  4. Click the 'Reset...' button and accept the changes.
  5. Press the 'OK' buttons on the 'Security Settings' and 'Internet Options' windows.
  6. Close the browser and start a new browser session for the settings to take effect.
  7. After launching Oracle E-Business Suite and downloading the oaj2se.exe file onto your desktop client, please reset the security setting back to 'Medium'.

Method B: Change Individual Parameter Settings

  1. Select 'Tools' -> 'Internet Options -> 'Security' (Tab)' from the browser menu.
  2. Select 'Trusted Sites' -> 'Custom Level' (button)
  3. Under 'Settings' -> 'ActiveX controls and Plug-ins'
  4. Change 'Automatic prompting for ActiveX controls' to 'Enable'
  5. Change 'Download unsigned ActiveX controls' to 'Prompt'
  6. Click the 'OK' button and accept the changes and click the 'OK' buttons to close the window
  7. Close the browser and start a new browser session for the settings to take effect.
  8. After launching Oracle E-Business Suite and downloading the oaj2se.exe file onto your desktop client, please reset
    'Automatic prompting for ActiveX controls' to 'Disable' and
    'Download unsigned ActiveX controls' to 'Disable.

Connecting to an Oracle E-Business Suite Instance for the First Time

"The application's digital certificate cannot be verified. Do you want to run the application?"

If accessing Oracle E-Business Suite using a Forms-based (Professional user interface) responsibility where the Java certificate for the environment you are accessing has not previously been installed into the Java certificate store, the following warning window will display:

JRE 7 Users

JRE 7u40 and Higher Users

If your Jar files are still signed with a self-signed certificate, the option to 'remember the decision' for future logins has been removed in JRE 1.7.0_40 (7u40) and later. This warning message will therefore appear each time you start a new session requiring the user to agree to accept the risk before running.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Tick the checkbox and click the 'Run' button to open the form.

To prevent this security window popping it is recommended that you sign all your jars using a trusted certificate authority (CA). Signing can be done using either an official CA (such as Verisign, Thawte etc.) or an in-house CA. For further information on Jar signing requirements see Document 1591073.1 titled, 'Enhanced JAR File Signing for Oracle E-Business Suite'.

Running with a Self-Signed Certificate

If your Jars are signed with a self-signed certificate you can still launch Java content and also prevent this window from popping by utilizing a Deployment Rule Set. However, the DeploymentRuleSet.jar file must itself be signed with a certificate from a Trusted CA, either an official CA (such as Verisign, Thawte etc.).

If your Jars are signed with a self-signed certificate you can also still launch Java content using a self-signed certificate by utilizing the Exception Site List feature from the desktop. However, this will not suppress this warning message. Users will still be required to respond to this warning each time they launch a new session.

JRE 7u21 and Lower Users

If accessing Oracle E-Business Suite using a Forms-based (Professional user interface) responsibility where the Java certificate for the environment you are accessing has not previously been installed into the Java certificate store, the following, or similar, security warning window will display:

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Check the 'I accept the risk and want to run this application' box to verify you trust the certificate. 
Click the 'Hide Options' button and check 'Do not show this again for apps from the publisher and location above'
Click the 'Run' button to open the form. 
Once the certificate has been successfully installed, this message will not appear again when accessing this environment from your desktop client.

JRE 6 Users

JRE 6u60 and Lower Users

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Check 'Always trust content from this publisher' to verify you trust the certificate.
Click the 'Run' button to open the form.
Once the certificate has been successfully installed, this message will not appear again when accessing this environment from your desktop client.

JRE 6u65 and Higher Users

To further enhance Java security the option to install the certificate into the Java certificate store and remember the decision for future logins when using self-signed certificates has been removed in JRE 1.6.0_65 (6u65) and higher. This warning message will therefore appear each time you start a new session if using self-signed certificates. To prevent this message appearing sign your jar files using a trusted CA by following Document 1591073.1.

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

Click the 'Run' button to open the form.

Note: If you are using a self-signed certificate for jar signing the Publisher will display as UNKNOWN in the Java 'Warning - Security' window as shown above. This is an intended change in behavior to avoid misrepresentation and spoofing attacks. Trusted signing authorities will continue to display the publisher name as in previous JRE Plug-in releases.

Uninstalling a JRE Plug-in Version from your Desktop Client

To uninstall a JRE Plug-in version from your desktop client:

1. From the Windows 'Control Panel' click on 'Programs and Features'.
2. Select the appropriate version of 'J2SE Runtime Environment' and click the 'Uninstall' button.
3. Select the appropriate options in the dialogs which follow. (An administrator's password is required for this).

Reverting to a Previous Java Plug-in Version

If you wish to revert back to previously installed version of the Java Plug-in to be used in the Oracle E-Business Suite, please re-install the required version by re-running the txkSetPlugin script with the appropriate parameters. Running this script is explained in Step 5.1. Run the JRE Upgrade Script (Unix Users)and Step 3.2. Run the JRE Upgrade Script (Windows Users). This will automatically update the JRE parameters in the configuration files of your Web Application Tier.

Appendix D: Reference Information

JRE Tracing options

JRE native Plug-in has the following levels of tracing available;

0 ­ off
1 ­ basic
2 ­ network, cache and basic
3 ­ security, network and basic
4 ­ extension, security, network and basic
5 ­ LiveConnect, extension, security, network, temp and basic

The trace level can be enabled by entering the appropriate number key for the tracing level required in the java console window once it has launched. This can however be problematic as the speed of the jar download may mean that the initial information is not captured. You may enable the required trace level before start up by updating the 'Java Runtime Parameters' in the 'Java Control Panel':

1. Open the Java Plug-in Control Panel on your desktop through: Start -> Settings -> Control Panel -> Java 
2. Ensure Advanced (tab) -> Java Console -> Show Console is checked
3. Ensure Advanced (tab) -> Debugging -> Enable tracing is checked
4. Enter the required tracing level under Advanced (tab) -> Java Runtime Parameters (Using tracing level 5 as an example):
-Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|cache|security|ext|liveconnect|temp

The Java Console output can also be written to a log file by enabling logging in the 'Java Control Panel':

1. Open the Java Plug-in Control Panel on your desktop through: Start -> Settings -> Control Panel -> Java 
2. Ensure Advanced (tab) -> Debugging -> Enable logging is checked

The log file will be written to the <User Application Data Folder>\Sun\Java\Deployment\log folder which by default is located in the following directory:

Windows Vista, 7, 8 and 10
%USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment\log

Please see the Tracing and Logging page for further information.

JRE Parameter Settings

JRE Parameter and Bug Numbers for Recent Releases

The following table shows the required parameter values and patch numbers for recommended versions of JRE for use with Oracle E-Business Suite.

Occasionally a one off patch release of JRE may also be recommended to fix a specific problem. All JRE patch numbers are listed in Document 1439822.1, titled 'All Java SE Downloads on MOS'. Many of the special builds listed in that document are not required for EBS users and are therefore not tested against EBS. Unless specifically instructed otherwise only use the standard releases listed in the table below.

Note: Odd number versions (e.g. 1.8.0_101) denote that it is a Critical Patch Update (CPU) release. Even number versions (e.g. 1.8.0_102) are generally Bundled Patch Releases (BPR). Users are recommended to only use the BPR release if they are being impacted by any additional fixes, if any, affecting Oracle E-Business Suite.
JRE Version sun_classid sun_ver_name jversion
Parameter
Patch No.
Std. Public Build 1
Patch No.
Auto Update Off Build 2
JRE 8
1.8.0_102 clsid:CAFEEFAC-0018-0000-0102-ABCDEFFEDCBA Version=1.8.0_102 18102 Patch 23218390 Not Applicable
1.8.0_101 clsid:CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA Version=1.8.0_101 18101 Patch 23218347 Not Applicable
1.8.0_92 clsid:CAFEEFAC-0018-0000-0092-ABCDEFFEDCBA Version=1.8.0_92 18092 Patch 22599093 Not Applicable
1.8.0_91 clsid:CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA Version=1.8.0_91 18091 Patch 22599162 Not Applicable
1.8.0_77 clsid:CAFEEFAC-0018-0000-0077-ABCDEFFEDCBA Version=1.8.0_77 18077 Patch 22961063 Not Applicable
1.8.0_74 clsid:CAFEEFAC-0018-0000-0074-ABCDEFFEDCBA Version=1.8.0_74 18074 Patch 22648233 Not Applicable
1.8.0_73 clsid:CAFEEFAC-0018-0000-0073-ABCDEFFEDCBA Version=1.8.0_73 18073 Patch 21873987 Not Applicable
1.8.0_72 clsid:CAFEEFAC-0018-0000-0072-ABCDEFFEDCBA Version=1.8.0_72 18072 Patch 22187076 Not Applicable
1.8.0_71 clsid:CAFEEFAC-0018-0000-0071-ABCDEFFEDCBA Version=1.8.0_71 18071 Patch 22187034 Not Applicable
1.8.0_66 clsid:CAFEEFAC-0018-0000-0066-ABCDEFFEDCBA Version=1.8.0_66 18066

JRE8u66-b35 Patch 22286087
JRE8u66-b33 Patch 22097409
Standard Build Patch 21689815

Not Applicable
1.8.0_65 clsid:CAFEEFAC-0018-0000-0065-ABCDEFFEDCBA Version=1.8.0_65 18065 Patch 21688507 Not Applicable
1.8.0_60 clsid:CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA Version=1.8.0_60 18060 Patch 21421716 Not Applicable
1.8.0_51 clsid:CAFEEFAC-0018-0000-0051-ABCDEFFEDCBA Version=1.8.0_51 18051 Patch 21045690 Not Applicable
1.8.0_45 clsid:CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA Version=1.8.0_45 18045 Patch 20418617 Not Applicable
1.8.0_40 clsid:CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA Version=1.8.0_40 18040 Patch 19517701 Not Applicable
1.8.0_31 clsid:CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA Version=1.8.0_31 18031 Patch 19815880 Not Applicable
1.8.0_25 clsid:CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA Version=1.8.0_25 18025 Patch 19137932 Not Applicable
JRE 7
1.7.0_111 clsid:CAFEEFAC-0017-0000-0111-ABCDEFFEDCBA Version=1.7.0_111 17111 Not Applicable Patch 23218354
1.7.0_101 clsid:CAFEEFAC-0017-0000-0101-ABCDEFFEDCBA Version=1.7.0_101 17101 Not Applicable Patch 22599161
1.7.0_99 clsid:CAFEEFAC-0017-0000-0099-ABCDEFFEDCBA Version=1.7.0_99 17099 Not Applicable Patch 22961080
1.7.0_97 clsid:CAFEEFAC-0017-0000-0097-ABCDEFFEDCBA Version=1.7.0_97 17097 Not Applicable Patch 22350219
1.7.0_95 clsid:CAFEEFAC-0017-0000-0095-ABCDEFFEDCBA Version=1.7.0_95 17095 Not Applicable Patch 22187044
1.7.0_91 clsid:CAFEEFAC-0017-0000-0091-ABCDEFFEDCBA Version=1.7.0_91 17091 Not Applicable JRE 7u91-b33 Patch 22217483
Standard Build Patch 21689625
1.7.0_85 clsid:CAFEEFAC-0017-0000-0085-ABCDEFFEDCBA Version=1.7.0_85 17085 Not Applicable Patch 21054749
1.7.0_80 clsid:CAFEEFAC-0017-0000-0080-ABCDEFFEDCBA Version=1.7.0_80 17080 Patch 20418657 Patch 20418664
1.7.0_79 clsid:CAFEEFAC-0017-0000-0079-ABCDEFFEDCBA Version=1.7.0_79 17079 Patch 20418638 Patch 20418648
1.7.0_76 clsid:CAFEEFAC-0017-0000-0076-ABCDEFFEDCBA Version=1.7.0_76 17076 Patch 19815950 Patch 19815962
1.7.0_75 clsid:CAFEEFAC-0017-0000-0075-ABCDEFFEDCBA Version=1.7.0_75 17075 Patch 19815915 Patch 19815936
1.7.0_72 clsid:CAFEEFAC-0017-0000-0072-ABCDEFFEDCBA Version=1.7.0_72 17072 Patch 19288554 Patch 19288585
1.7.0_71 clsid:CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA Version=1.7.0_71 17071 Patch 19138158 Patch 19138320
1.7.0_67 clsid:CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA Version=1.7.0_67 17067 Patch 19295656 Patch 19295660
1.7.0_65 clsid:CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA Version=1.7.0_65 17065 Patch 18763605 Patch 18763733
1.7.0_60 clsid:CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA Version=1.7.0_60 17060 Patch 18673774 Patch 18673810
1.7.0_55 clsid:CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA Version=1.7.0_55 17055 Patch 18143574 Patch 18143605
1.7.0_51 clsid:CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA Version=1.7.0_51 17051 Patch 17777900 Patch 17777912
1.7.0_45 clsid:CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA Version=1.7.0_45 17045 Patch 17046821 Patch 17046813
1.7.0_40 clsid:CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA Version=1.7.0_40 17040 Patch 17186023 Patch 17186034
1.7.0_25 clsid:CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA Version=1.7.0_25 17025 Patch 16631582 Patch 16631990
1.7.0_21 clsid:CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA Version=1.7.0_21 17021 Patch 16534054 Patch 16534018
JRE 6
1.6.0_121 clsid:CAFEEFAC-0016-0000-0121-ABCDEFFEDCBA Version=1.6.0_121 16121 Not Applicable Patch 23218364
1.6.0_115 clsid:CAFEEFAC-0016-0000-0115-ABCDEFFEDCBA Version=1.6.0_115 16115 Not Applicable Patch 22599160
1.6.0_113 clsid:CAFEEFAC-0016-0000-0113-ABCDEFFEDCBA Version=1.6.0_113 16113 Not Applicable Patch 21874006
1.6.0_111 clsid:CAFEEFAC-0016-0000-0111-ABCDEFFEDCBA Version=1.6.0_111 16111 Not Applicable Patch 22187051
1.6.0_105 clsid:CAFEEFAC-0016-0000-0105-ABCDEFFEDCBA Version=1.6.0_105 16105 Not Applicable Patch 21689666
1.6.0_101 clsid:CAFEEFAC-0016-0000-0101-ABCDEFFEDCBA Version=1.6.0_101 16101 Not Applicable Patch 21054818
1.6.0_95 clsid:CAFEEFAC-0016-0000-0095-ABCDEFFEDCBA Version=1.6.0_95 16095 Not Applicable Patch 20418674
1.6.0_91 clsid:CAFEEFAC-0016-0000-0091-ABCDEFFEDCBA Version=1.6.0_91 16091 Not Applicable Patch 19816086
1.6.0_85 clsid:CAFEEFAC-0016-0000-0085-ABCDEFFEDCBA Version=1.6.0_85 16085 Not Applicable Patch 19138237
1.6.0_81 clsid:CAFEEFAC-0016-0000-0081-ABCDEFFEDCBA Version=1.6.0_81 16081 Not Applicable Patch 18763636
1.6.0_75 clsid:CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA Version=1.6.0_75 16075 Not Applicable Patch 18143596
1.6.0_71 clsid:CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA Version=1.6.0_71 16071 Not Applicable Patch 17777920
1.6.0_65 clsid:CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA Version=1.6.0_65 16065 Not Applicable Patch 17046855
1.6.0_60 clsid:CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA Version=1.6.0_60 16060 Not Applicable Patch 17021678
1.6.0_51 clsid:CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA Version=1.6.0_51 16051 Patch 16631640 Patch 16631997
1.6.0_45 clsid:CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA Version=1.6.0_45 16045 Patch 16457117 Patch 16534039

1 Patch No. Standard Public Build: This patch contains the same JRE build that was/is available from the public download sites and through the 'Java Auto Update Mechanism'.

2 Patch No. Auto Update Off Build: This patch contains the standard JRE build (usually build 30) with the 'Java Auto Update Mechanism' turned off. This is specifically for customers who wish to keep up to date with the latest Java 32-bit releases but also want control over when their users upgrade. The auto update function is only available for the 32-bit versions of JRE. All JRE 64-bit releases come with auto update turned off by default.

Note: Java patches generally contain both the JRE and JDK releases. Please extract and use the JRE version of Java from the patch, the JDK version is not required for the purposes of this document.

JRE Parameter Settings for Earlier Releases

The following table shows the required parameter values for earlier releases of JRE.

JRE Version sun_classid sun_ver_name jversion
Parameter
JRE 7
1.7.0_17 clsid:CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA Version=1.7.0_17 17017
1.7.0_15 clsid:CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA Version=1.7.0_15 17015
1.7.0_13 clsid:CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA Version=1.7.0_13 17013
1.7.0_11 clsid:CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA Version=1.7.0_11 17011
1.7.0_10 clsid:CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA Version=1.7.0_10 17010
JRE 6
1.6.0_43 clsid:CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA Version=1.6.0_43 16043
1.6.0_41 clsid:CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA Version=1.6.0_41 16041
1.6.0_39 clsid:CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA Version=1.6.0_39 16039
1.6.0_38 clsid:CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA Version=1.6.0_38 16038
1.6.0_37 clsid:CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA Version=1.6.0_37 16037
1.6.0_35 clsid:CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA Version=1.6.0_35 16035
1.6.0_34 clsid:CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA Version=1.6.0_34 16034
1.6.0_33 clsid:CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA Version=1.6.0_33 16033
1.6.0_32 clsid:CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA Version=1.6.0_32 16032
1.6.0_31 clsid:CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA Version=1.6.0_31 16031
1.6.0_30 clsid:CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA Version=1.6.0_30 16030
1.6.0_29 clsid:CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA Version=1.6.0_29 16029
1.6.0_27 clsid:CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA Version=1.6.0_27 16027
1.6.0_26 clsid:CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA Version=1.6.0_26 16026
1.6.0_25 clsid:CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA Version=1.6.0_25 16025
1.6.0_24 clsid:CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA Version=1.6.0_24 16024
1.6.0_23 clsid:CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA Version=1.6.0_23 16023
1.6.0_22 clsid:CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA Version=1.6.0_22 16022
1.6.0_21 clsid:CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA Version=1.6.0_21 16021
1.6.0_20 clsid:CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA Version=1.6.0_20 16020
1.6.0_19 clsid:CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA Version=1.6.0_19 16019
1.6.0_18 clsid:CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA Version=1.6.0_18 16018
1.6.0_17 clsid:CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA Version=1.6.0_17 16017
1.6.0_16 clsid:CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA Version=1.6.0_16 16016
1.6.0_15 clsid:CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA Version=1.6.0_15 16015
1.6.0_14 clsid:CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA Version=1.6.0_14 16014
1.6.0_13 clsid:CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA Version=1.6.0_13 16013
1.6.0_12 clsid:CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA Version=1.6.0_12 16012
1.6.0_11 clsid:CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA Version=1.6.0_11 16011
1.6.0_10 clsid:CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA Version=1.6.0_10 16010
1.6.0_07 clsid:CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA Version=1.6.0_07 16007
1.6.0_06 clsid:CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA Version=1.6.0_06 16006
1.6.0_05 clsid:CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA Version=1.6.0_05 16005
1.6.0_04 clsid:CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA Version=1.6.0_04 16004
1.6.0_03 clsid:CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA Version=1.6.0_03 16003

Related Notes

Change Log

Date Description
Jul 19, 2016 Added JRE 1.8.0_101 (8u101) 32-bit and 64-bit PSU Releases as certified desktop Plug-ins.
Added JRE 1.8.0_102 (8u102) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.7.0_111 (7u111) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.6.0_121 (6u121) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.

Added Known Issue: JRE 1.8.0_101 May Cause Extra Pop-Ups When Using IE
Added JRE8u102 as the fix for the Coexistence Known Issue: 3-Digit Point Release Versions Not Recognized by Java 8

Jul 1, 2016 Added Patch 23119976:R12.FWK.C to fix the Applet in iframe is Displayed in FWK Menu Windows issue for EBS 12.2.4 users.
Jun 21, 2016 Added Patch 22892644:R12.FWK.C to fix the Applet in iframe is Displayed in FWK Menu Windows issue for EBS 12.2.5 users.
Apr 25, 2016 Added the latest forms MLR Patch 22698265 to the JRE 8 Users: Possible Focus Loss After Forms Launch section. 
This may be applied instead of the older Patch 21539521.
Apr 19, 2016 Added JRE 1.8.0_91 (8u91) 32-bit and 64-bit PSU Releases as certified desktop Plug-ins.
Added JRE 1.8.0_92 (8u92) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.7.0_101 (7u101) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.6.0_115 (6u115) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.

Added Coexistence Known Issue: 3-Digit Point Release Versions Not Recognized by Java 8

Mar 24, 2016

Added the following releases for Oracle Security Alert for CVE-2016-0636:

JRE 1.8.0_77 (8u77) 32-bit and 64-bit Releases as certified desktop Plug-ins.
JRE 1.7.0_99 (7u99) 32-bit and 64-bit Releases as certified desktop Plug-ins.

Mar 16, 2016 Added Mozilla Firefox ESR 45.x as a certified browser.
Feb 25, 2016 Removed Win XP and EBS 12.0.6 information.
Feb 8, 2016

Added the following releases for Oracle Security Alert for CVE-2016-0603:

JRE 1.8.0_74 (8u74) 32-bit and 64-bit PSU Releases as certified desktop Plug-ins.
JRE 1.8.0_73 (8u73) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
JRE 1.7.0_97 (7u97) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
JRE 1.6.0_113 (6u113) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.

Jan 19, 2016 Added JRE 1.8.0_72 (8u72) 32-bit and 64-bit PSU Releases as certified desktop Plug-ins.
Added JRE 1.8.0_71 (8u71) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.7.0_95 (7u95) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.6.0_111 (6u111) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Jan 7, 2016 Added JRE 1.7.0_91-b33 as a fix for the Firefox: Session Crash and Internet Explorer: Applet Launch Delay issues for JRE 7 users.
Dec 11, 2015 Added JRE 1.8.0_66-b35 which is a Consolidated Fix for the Firefox: Session Crash and Internet Explorer: Applet Launch Delay issues for JRE 8 users.
Nov 18, 2015 Added JRE 1.8.0_66-b18 which fixes the Firefox: Session Crash issue for JRE 8 users running Firefox ESR 38.4.0.
Nov 17, 2015 Added JRE 1.8.0_66-b33 32-bit and 64-bit releases which fix the Internet Explorer: Applet Launch Delay issue for JRE 8 users.
Oct 20, 2015 Added JRE 1.8.0_65 (8u65) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.7.0_91 (7u91) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.6.0_105 (6u105) 32-bit and 64-bit CPU Releases as certified desktop Plug-ins.
Added JRE 1.8.0_66 (8u66) 32-bit and 64-bit PSU Releases as certified desktop Plug-ins.
Added October 2015 CPU Patch Recommendation to JRE 8 Minimum Patch Requirements.
Sep 8, 2015 Superceded JRE interop Patch 20591013 with Patch 21624242
Sep 3, 2015 Added Patch 21539521 which fixes the JRE 8 Users: Possible Focus Loss After Forms Launch issues.
Aug 18, 2015 Added JRE 1.8.0_60 (8u60) 32-bit and 64-bit minor update releases as certified desktop Plug-ins
Aug 11, 2015 Firefox ESR 31 is no longer supported by the vendor as reflected in the Certification Matrix for JRE (32-bit) Releases.
Aug 7, 2015 Added Windows 10 Certification for JRE 1.8.0_51 and 1.7.0_85.
Jan 24 , 2007 Initial document created.
Document 393931.1 by Oracle E-Business Suite Development