Users are Being Prompted for a Java Update
Introduction
Users report that SecureAuth IdP is asking them to upgrade their Java version.
Applies to
This issue affects workstations in an environment with the following specifications
SecureAuth IdP Version | OS Version | Java Version |
|---|---|---|
7.x+ |
| 7u10+ |
Cause
Messages prompting users to upgrade the installed version of Java are generated by the Oracle JRE, not SecureAuth IdP. JRE relies on periodic checks with an Oracle Server to determine if the version of JRE is still considered up-to-date with all the available security fixes.
In the past, if JRE was unable to contact the Oracle Server, the installed version of JRE behaved as though it is the most recent secure version, indefinitely.
Starting with JRE 7u10 and continuing with subsequent releases, all JREs contain a hard-coded expiration date. Once that date is met, the user is prompted to update the installed Java version.
Resolution
There are currently two known methods to resolve this issue
1. Upgrade the impacted workstations to the latest version of Java which can be found at http://www.java.com
Once upgraded to the latest shipping version of Java, the user will no longer be prompted to update
2. Starting with SecureAuth IdP version 7.2.0, a feature known as Device Fingerprinting was introduced which does not require Java to be installed on the user workstation
Contact a Solutions Engineer or SecureAuth Support for more information about this feature