STRPCCMD - JAVA PC COMMAND APPLET

[bruceanthony]

We just upgraded to version 4.7.2 of ProfoundUI and also upgraded our Java to 7.45.
We are using I5 version 6.1, Windows 7 and IE 9

Under certain circumstances we are receiving the following type of error messages:

Unable to execute "cscript......"

TypeError:
Object doesn't support property of method 'runCommand'

I have discovered that this can be fixed by removing the certificate, setting the security level to Medium and then clicking on the "Restore Security Prompts"

This problem can be duplicated in several ways:

Clicking CANCEL the first you are asked to run the PC COMMAND java applet.
Or
Set the JAVA security level back to high, logoff, logon and try the STRPCCMD again.

This is becoming a headache as I have over 50 users using this and I have had to fix the same user several times. Any help you can provide would be greatly appreciated.

Thank you!

[Scott Klement]

If you click cancel when it prompts you, you are telling it not to load the Java applet -- in which case, the other errors are to be expected. You've, essentially, told Java to block the Java applet that is used to run PC commands -- and it's doing what you asked it to!

Unfortuntely, there is no way to eliminate it asking you this anymore. Oracle changed the way Java worked, and now it's a requirement to always ask unless the user checks the box indicating that he'd rather not be asked again.

Changing my Java to 'security high' did not matter in my tests. I also tried 'very high', same thing.... Unless I click 'cancel' in the popup that asks if I want to run the applet, that is.

[David]

Sorry for the problems here.

Oracle are continually making changes in the security requirements, and we've had to make several updates to comply with changing requirements. As it stands now, current applet (since 4.7.1) does comply with all requirements, even up to 7u51 which was released recently.

But, we've found that many users are having issues with Java plug-in behavior after updating. In most cases I've seen, uninstalling Java completely, then re-installing, then rebooting seems to make it work like it should. I think the unfortunate story here is that Oracle has many serious security flaws in previous releases, and they are having a hard time to fix them and also make updates work smoothly. The 7u51 installer actually asks you to restore security prompts while you are installing! I think that maybe they have actually introduced a requirement for this in some situations, and they are not actually coming out and saying that, or it has bugs. Also we recently had to renew our digital signature / certificate used with the applet (an entirely routine/normal process that Java should handle without problems), and I think this also confuses it when updating.

This is why clean install works, and why you're finding that clearing the certificate and security prompts help.

I know this is frustrating, doesn't help much (I'm sorry), but I can assure you that our most recent update does comply correctly with all requirements and should run smoothly if the Java plug-in is behaving like it should.

As you could imagine, we'd certainly like to have another way of running PC commands from a web browser, but as it stands Java is the only workable solution, flawed as it is. For this type of reason, we'd drop it in a minute, if there were another way...

[bruceanthony]

David,

Thank you for your response. Do we have the latest applet with version 4.7.2? If not, can you just send us the latest applet?

FYI: I have also uninstalled and reinstalled JAVA and the problem went away for a day and then came back two days later. Not sure what the user is doing to cause this to happen but I will continue the search as I can't afford to spend an hour each day dealing with the users having this problem.

FYI: Another strange behavior to me at least is that the request to run the applet happens for each distinct server connection, i.e. different i5 partition.

Any other thoughts you might have would be greatly appreciated.

Bruce

[David]

Yes, you have the latest applet with 4.7.2. This includes all the latest security requirements, certificate signing, and we've also tested this version on 7u51 already.

I'm hard pressed to think of anything the user could actually do to introduce any problems, other than doing a Java upgrade or hitting the Cancel button on the prompt screen (if they haven't checked 'always run'). I'd think it very unlikely they are monkeying with the Java settings panel or anything like that.

Couple of things to keep in mind:

1. Should instruct the user NEVER to hit the Cancel (or block, or disallow, or whatever the given web browser calls it) button on the applet security prompt. Maybe they do this if they change their mind, or by mistake? They should hit ok and ask it not to prompt them again. If they do this, the applet is blocked for the duration of the entire browser session! The browser 'session' includes ALL open windows/tabs of the browser. Even entirely unrelated ones.

So, if they do this even once, they have basically hosed it until which point they have closed down ALL windows of the given browser and restarted. That is just how the Java plug-in deals with applet block/allow, and there's no way to avoid it, unfortunately.

2. The fact that you have to accept the applet for each HTTP server is normal. The Java plug-in sees these as different websites. You are not really just allowing the applet to run, you are allowing 'website X to run applet Y', is the way the Java plug-in is designed.

[David]

Another idea...

If you are using this to actually run a PC program, that is one thing, but I see a lot of folks use this to pop up documents, too. Which is ok, but we do have a secure file download utility, as well. If some of your usage is to simply open files, that may help mitigate the problems a bit, as you can have the browser just download the files from the http server without involving Java.

[bruceanthony]

David,

The STRPCCMD calls a VB script that downloads an .xls file using a client access program which is then followed by an open of a word document that uses the .xls file as input to a mail merge. So, it is more than just a download.

We didn't have this problem using ProfoundUI version 4.2.4 which was the version prior to our current version of 4.7.2. I am thinking of switching back to 4.2.4 until we can get this issue resolved. Is there a posibility of just going back to the PC COMMAND APPLET that was in use at the time of version 4.2.4?

Again, Thanx for all your help.

Bruce

[David]

I see. Yes, I looked over the example scripts that you emailed, and you're right, it's more than just a simple download.

Meanwhile, I had tried to email the old applet to you and my mail was rejected by your mail server, it didn't like the attachment. I had sent further email to explain, but I'm afraid that I'm blacklisted there or something now? Did you get any of my emails from yesterday?

If not, please give me a ring, and I can give you FTP account details where you can download it.