Skip to main content

Google Chrome Support for Java Enabled SecureAuth IdP Realms

Introduction

This document discusses changes to the Google Chrome browser which affect Java support.

Applies to

This issue affects workstations running Java 7+ in an environment with the following specifications:

SecureAuth IdP Version

OS Version

Java Version

7.x+

  • Windows Server 2008

  • Windows Server 2008 R2

  • Windows Server 2012

  • Windows Server 2012 R2

7+

Discussion

Saying "good-bye" to NPAPI in Chrome

Netscape Plugin Application Programming Interface (NPAPI) is a cross-platform plugin architecture in use by many web browsers since 1995, including current versions of Chrome. Google believes the '90s-era architecture used in NPAPI has become a leading cause of hangs, crashes, security incidents, and code complexity. Therefore Chrome will be phasing out NPAPI support in September 2015.

How does this impact Java support in Chrome?

The Java plugin for web browsers uses the NPAPI plugin architecture slated for deprecation in Chrome at the end of 2015. At this time, Oracle has not announced a replacement plugin and is recommending that Java users consider alternatives to Chrome as soon as possible. Starting in September 2015, there will be no available Java support for the Chrome browser from Oracle.

How does this impact Java realms in SecureAuth IdP?

When Google deprecates NPAPI support from Chrome in September 2015, there will be no Java support for the browser. Since a SecureAuth IdP Java workflow requires a JRE, Chrome users will not meet the prerequisites for accessing a Java realm. While some functionality could be offered with the SecureAuth IdP Fallback function, it is not recommended in this use case. See the alternatives section below for best practices.

Alternatives for Java in SecureAuth IdP

SecureAuth recommends that customers looking for alternatives to Java in their SecureAuth IdP environment to reconfigure the Java realm to use Device Fingerprinting. This solution requires no client software to be installed on the user workstation, supports the desktop and mobile version of IE, Chrome, Firefox and Safari, and all information is stored securely on the server-side data store. Contact SecureAuth Support for a consultation on switching the workflows to Device Fingerprinting.