Warning: E-Business Suite Issues with Sun JRE 1.6.0_22

I'm afraid that this blog article comes bearing continued bad news about our latest JRE release.

jceecolorlogo2.gif
My colleagues in the Java division shipped Java Runtime Environment 1.6.0_22 (a.k.a. JRE 6u22, internal version 1.6.0_22-b04) last week.  See the 1.6.0_22 Update Release Notes for details about what has changed in this release.  This release is available for download from the usual Sun channels and through the 'Java Automatic Update' mechanism.

Unfortunately, like other recent JRE releases, this latest release of JRE 6u22 (1.6.0_22-b04) still has the 'Mismanaged Session Cookie' issue that we reported in earlier articles.  This can cause a failure of the following E-Business Suite functions with certain desktop and browser combinations, notably for IE 6 and 7 users:
  • 'File -> Export' functionality
  • Opening attachments in forms
  • Opening an HTML form to a new window from forms.
  • Opening an Applet in a new window from forms
  • Trying to login again after forms session timeout fails

A JRE plug-in release with fixes for these issues is only available through patch 10189354.  Patch 10189354 contains JRE 1.6.0_22-b03.  This fixed version is not available as a download from Sun or through the Java Update Mechanism (which continues to offer only JRE 1.6.0_22-b04).  This fix will not be available through the normal Sun distribution channels until a future release of JRE 1.6.

Summary of options for EBS sysadmins

At this stage, your options are to:
  1. Remain on JRE 1.6.0_17; wait for JRE 1.6.0_23 or later
  2. Deploy any standard JRE release later than 1.6.0_17, with the understanding that some of your users may encounter issues related to "Mismanaged session cookies"
  3. Deploy JRE 1.6.0_22-b03 (released via patch 10189354)
  4. Disable next-generation Java through the 'Java Control Panel'
I understand that this is a frustrating state of affairs and I apologize for the continued delay in resolving this once and for all.  We're continuing to work with our colleagues in the Java division to get this set of fixes into the main JRE codelines.  I'll post updates here as soon as I have more information to share.

The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.
Comments:

Hi Steven

Anything that we can do (as customers) to add more pressure to our friends in the Java Division so they roll out the fixes needed by the eBS application?

Regards

Posted by Ricardo Sanz on October 13, 2010 at 09:23 PM PDT #

Hello,

On August 13th, the following fix was release:
Special JRE 6u21-b08 Build Now Available for EBS Customers.
Could you please confirm the above version of JRE does in fact have the following issues fixed:
* 'File -> Export' functionality
* Opening attachments in forms
* Opening an HTML form to a new window from forms.
* Opening an Applet in a new window from forms
* Trying to login again after forms session timeout fails

I'm asking because I did not see this version mentioned in the articles' summary of options. We are currently preparing to roll out JRE 6u21-b08 and would like to know if we are still moving in the right direction.

Posted by sunoracle on October 13, 2010 at 10:02 PM PDT #

Hello, Sunoracle,

Yes, you can use 6u21-b08 if you wish; that build contains the fix for the mismanaged session cookie issue.

That said, each new JRE release contains additional fixes for stability, security, and performance. If you were upgrading to a new JRE release at this point, it might be prudent to consider 6u22-b03 instead, since it contains additional fixes over 6u21-b08.

Regards,
Steven

Posted by Steven Chan on October 14, 2010 at 01:36 AM PDT #

Hi, Ricardo,

It never hurts to ask your Oracle account manager to escalate this internally on your behalf.

Regards,
Steven

Posted by Steven Chan on October 14, 2010 at 03:35 AM PDT #

Hi,
We plan to upgrade EBS for using JRE. Which version of JRE you recommend? the last JRE 1.6.0_22-b03 ? or JRE 1.6.0_21-b08 ?
which one is good, no bug?

Thanks

Posted by Mai on October 19, 2010 at 08:31 AM PDT #

I would like to know where to start with this as well. I just deployed 1.6.0_22 in a test environment and haven't seen the problems you describe so far. I did use patch 10189354, so am I OK?

Posted by Susan on October 21, 2010 at 01:13 AM PDT #

Is there a particular group that we should be asking them to escalate TO?

Posted by Chris Green on October 21, 2010 at 07:46 AM PDT #

@ Mai, Unless there is any compelling business need from your end to sway the decision, I would suggest you take the latest version of java ( JRE 1.6.0_22-b03 from patch 10189354)

@ Susan, Patch 10189354 contains the fixed version of JRE 1.6.0_22-b03 so you are good to go

@ Chris, your Account Manager should be able to track down the correct team, but they can contact Steven if they need direction in that regard

Hope this is helpful

regards

Mike Shaw

Posted by Mike Shaw on October 21, 2010 at 04:57 PM PDT #

Chris (and anyone else interested in mounting a letter-writing campaign),

Concerns about this ongoing situation can be directed to the Sun Java engineering team. It is always helpful to hear from you about the specific types of pain that these issues cause.

Regards,
Steven

Posted by Steven Chan on October 28, 2010 at 07:17 AM PDT #

Hello Mike/Steven,

This blog states that "A JRE plug-in release with fixes for these issues is only available through patch 10189354.". However, note 290807.1 does not specify so. This note provides three patch options to address the mismanaged session cookie issue. If what you state above is correct, the note requires to be amended to only suggest JRE available via 10189354 (ie. 1.6.0_22-b03) for IE6/IE7 users.

Regards,
Rakesh

Posted by Rakesh Tripathi on November 04, 2010 at 03:04 AM PDT #

Hello, Rakesh,

Different workarounds for different JRE releases exist. This blog article states that the workaround for the issue with JRE 1.6.0_22 is released via patch 10189354. This is correct.

If you have a different JRE release, you can apply either patch 10189354 to move up to JRE 1.6.0_22, or a different patch if you wish to remain at that lower JRE release level.

Regards,
Steven

Posted by Steven Chan on November 04, 2010 at 04:59 AM PDT #

Steve,

We have also encountered similar issues after our JRE upgrade but we have completely un-installed and re-installed JRE( after opening forms it automatically down load new version of Java/JRE) on local machines resolved our issues completely. I hope this issue is due to corruption of Java in local machines.

Posted by Prashanth on November 18, 2010 at 12:29 PM PST #

Hi, Prashanth,

Glad to hear that that approach worked for you. Thanks for sharing that with us.

Regards,
Steven

Posted by Steven Chan on November 19, 2010 at 01:30 AM PST #

I have tried the Update 23 b03 early release from here: https://jdk6.dev.java.net/6uNea.html and it it appears to not have the cookie issue like 22 b04 did. We've been running on 22 b03 just fine but we do run in to quite a few users who get the latest release and have issues. It will be be great when the maintstream release has this problem fixed.

Posted by Raegan Gibb on November 22, 2010 at 02:39 AM PST #

Raegan,

Thanks for sharing your experience here. I agree: this upcoming fix may do the trick. Our internal testing suggests the same thing, and we're cautiously optimistic about this for the first time in a while. Stay tuned -- more details coming soon.

Regards,
Steven

Posted by Steven Chan on November 23, 2010 at 02:48 AM PST #

Since these as separate branch/patch (i.e. aren't released to the world via the Oracle's generic java download) I'm presuming the patched version isn't recommended to for use if your environment has other applications using Java. How about bringing J-Initiator back so we can at least upgrade java for our other apps?

jh

Posted by john hebert on November 29, 2010 at 05:25 AM PST #

John,

JInitiator is based on JDK 1.3, a product that's over 10 years old. The effort required to uplift that product is far beyond the effort required to fix this issue with JRE 1.6.

Stay tuned. More news coming soon.

Regards,
Steven

Posted by Steven Chan on November 30, 2010 at 01:23 AM PST #

Hi,

@Steve - you asked: It is always helpful to hear from you about the specific types of pain that these issues cause.

We're working on upgrading from 11.5.10.2 to R12.1.1, and have had major issues with versions of Java on user's PCs.

We're having to set up an automated roll out to desktop PC for many hundreds of users, using one of the patched versions of Java.

In the meantime, during UAT, we find that sometimes desktop support have installed the standard public java install on user's PCs. That then means those users sometimes get the problem in R12 when launching web pages from forms, which then prevents them logging in again, meaning we have to roll back to an older patched Java - thus invalidating the work that our desktop support colleagues did in installing the new Java! Agreed that this could be solved with better communication with our desktop support colleagues, but it is going to be a headache having to keep running a non-standard version of java in place because the public version does not include these fixes.

We plan to go live in early 2011, and it would be great if the latest public release of Java included these Oracle specific fixes in them - otherwise we'll be chasing our tails for many hundreds of our EBS users, once we are on R12.1.1 on PROD.

Posted by Jim on November 30, 2010 at 06:26 AM PST #

Hi, Jim,

Thanks for sharing your experiences here. This sounds very frustrating -- and worse -- time-consuming to work around.

I know it's probably cold comfort, given that you're struggling with this right now, but I'm cautiously optimistic that good news is just around the corner. Stay tuned.

Regards,
Steven

Posted by Steven Chan on November 30, 2010 at 06:45 AM PST #

Java 1.6.0_23 came out today. Any idea if it has the has the 'Mismanaged Session Cookie' issue that you reported in earlier articles?

Posted by Jay Weinshenker on December 07, 2010 at 06:54 AM PST #

Yes, refer http://blogs.oracle.com/stevenChan/2010/12/mismanaged_session_cookie_issue_fixed_ebs.html

Posted by Mike Shaw on December 07, 2010 at 04:27 PM PST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
4
5
6
7
8
9
10
11
12
13
14
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today