Dear all

We face the following Problem with the new Java Version 8 Update 201: https://imgur.com/a/DTe02wn Other Java Application like Abacus don't have the Problem

The problem only exists if the client updates the JAVA Client to 8_201. It also exists on other installations from our partener who have the update installed. The error means the following in English: Enter credentials to access <default> on "server name / IP":

If I type in my username and password it works. But the Window will come up at the next start. Does anyone know a solution for this?

I tried many things out in the Java Settings but non helped, as it worked with the old Java Client.

In% temp% the file JavaDeployReg.log which has the following error:

[2019/02/07 13: 35: 44.844] GetLatestJavaws32or64Home ():
[2019/02/07 13: 35: 44.844] GetLatestJavawsVersion ():
[2019/02/07 13: 35: 44.844] checking 32-bit
[2019/02/07 13: 35: 44.844] Processing key: 1.0.1
[2019/02/07 13: 35: 44.844] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.844] failing to recover the key when attempting to open the key FAIL, error code [2]
[2019/02/07 13: 35: 44.844] Processing key: 1.0.1_02
[2019/02/07 13: 35: 44.844] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.844] failing to recover the key when attempting to open the key FAIL, error code [2]
[2019/02/07 13: 35: 44.844] Processing key: 1.0.1_03
[2019/02/07 13: 35: 44.845] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.845] failed to recover the key when attempting to open the key FAIL, error code [2]
[2019/02/07 13: 35: 44.845] Processing key: 1.0.1_04
[2019/02/07 13: 35: 44.845] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.845] failed to recover the key when attempting to open the key FAIL, error code [2]
[2019/02/07 13: 35: 44.845] Processing key: 1.2
[2019/02/07 13: 35: 44.846] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.846] failed to recover
[2019/02/07 13: 35: 44.846] Processing key: 1.2.0_01
[2019/02/07 13: 35: 44.846] check JRE registry to see if it's corrupted webstart key
[2019/02/07 13: 35: 44.846] failed to recover
[2019/02/07 13: 35: 44.846] Processing key: 11.201.2
[2019/02/07 13: 35: 44.846] GetLatestJavawsVersion ():
[2019/02/07 13: 35: 44.846] checking 64-bit
[2019/02/07 13: 35: 44.846] failed to open SOFTWARE \ JavaSoft \ Java Web Start
[2019/02/07 13: 35: 44.846] latestVersion: 11.201.2 latestHome: C: \ Program Files (x86) \ Java \ jre1.8.0_201 \ bin

Can I give mabye more Information?

Thanks so much and best regards Zueger Nico :)

asked 07.02 at 09:16

Zueger's gravatar image

Zueger
11113
accept rate: 0%

edited 11.02 at 02:42

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
8.0k11650

Addendum: The JAVA Authentication Window only appears if we use SSO.

(08.02 at 08:36) Zueger Zueger's gravatar image

Nico, is the only change you did updating the Java version on the client or did you update anything on the Ivy Engine side as well? What version of the Engine are you using?

(11.02 at 04:08) Andreas Rusch Andreas%20Rusch's gravatar image

I Only updatet the Client local Ivy Engine is 6.0

(11.02 at 04:59) Zueger Zueger's gravatar image

I see you are using 32-bit JRE version. Have you tried the 64-bit version?

(14.02 at 06:42) Andreas Rusch Andreas%20Rusch's gravatar image

Yes, when I use the 64-bit Version the same Error appears.

(14.02 at 06:55) Zueger Zueger's gravatar image

Can you share your authentication provider settings? https://developer.axonivy.com/doc/latest/EngineGuideHtml/integration.html#integration-single_sign_on Do you have Windows+BasicAuth or only Windows auth? Is negotiation enabled or strictly enforced NTLM?

(15.02 at 05:14) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

It's Windows Auth. only and enabled Providers are only NTLM

(21.02 at 07:16) Zueger Zueger's gravatar image

I think @Andreas Rusch has already found a solution for this problem. ... le'ts wait for the publication of his answer :)

(22.02 at 10:08) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image
showing 5 of 8 show 3 more comments

After a lot of research I finally found the cause of the problem:

With jre8_201 Oracle introduced (without mentioning it in the release notes, thanks very much!) a new authentication parameter (as security property) jdk.http.ntlm.transparentAuth in the JRE configuration file <jre_home>/lib/net.properties. It also sets the default value to disabled (other possible values are allHosts and trustedHosts), therefore completely disabling transparent authentication on Windows.

Possible solutions: So far I found two ways to get around the problem:

  1. The obvious one is to change the setting in the net.properties file to allHosts (former default) or trustedHosts (a better recommendation).
  2. The less obvious solution is to configure your jre8_201 runtime in the Java Control Panel in the Java tab -> View... Here you can add e.g. -Djdk.http.ntlm.transparentAuth=trustedHosts to the Runtime Parameters section.

alt text

Note that these are only client side solutions. I haven't found a solution to override this behavior from the server (in the JNLP file). I am not even sure if we can do that as this is a security property and there are more restrictions on setting them than normal system properties.

Hope it helps.

link

answered 22.02 at 10:33

Andreas%20Rusch's gravatar image

Andreas Rusch
30123
accept rate: 80%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×48

Asked: 07.02 at 09:16

Seen: 906 times

Last updated: 22.02 at 10:33