Over the course of the last year or so, Oracle has been tightening the security for Java deployments. Java WebStart, the technology used by Servoy to deploy Smart Clients to the user, has been affected by this effort. Coupled by a couple of Java releases that had bugs in the Java WebStart functionality, it is an understatement to say that it was a bit of a tough year to be deploying Smart Client solutions.
Through this post I would like to provide some insight regarding our efforts to minimize the impact of the tighter security settings in Java WebStart.
First of all, Java Webstart (JWS) is not dead: JWS is used by many (large) enterprises and thus is not likely to get discontinued shortly. For now and in the foreseeable future JWS will remain part of the deployment options for Rich Internet Applications built in Java.
As Servoy we are also devoted to continue to support the Servoy Smart Client and keep it as one of the possible ways to bring your solution to your customer.
The issues many of you encountered when deploying Smart Clients to your customers and that are related to Java WebStart can be broadly split between bugs and tighter restrictions/new security features. Both groups will be discussed separatly below.
Over the course of this last year, 2 of the XXX Java 7 updates contained bugs related to JWS, which impacted the Servoy Smart Client.
Unfortunately, Oracle does not provide any pre-releases for their Java Security updates (updates of which the version number ends with a 1 or a 5. like 7u51 or 7u45), hence we can only test them at the same time that the Java auto-update mechanism starts updating Java installations
Provided updates for all supported version to resolved limitations in upcoming versions
Keeping a close taps on it