JRE 1.6.0_20 Build 5 Fixes E-Business Suite Compatibility Issues

Good news, worth sneaking under the publication wire prior to my vacation:  Sun Java Runtime Engine (JRE) 1.6.0_20 Build 5 (6u20-b05) fixes the mismanaged cookie session issue which could affect JRE 1.6.0_18 (6u18) to 1.6.0_20 (6u20-b02) users. This JRE release is only available through Patch 9553040. The Sun download version remains at 1.6.0_20 build 2 (6u20-b02), therefore you cannot uptake this fix through the Java automatic update facility. It is expected that this fix will be available through the usual delivery mechanism from Sun once JRE 1.6.0_21 (6u21) is released.  Until then, you can download it here:

patch-9553040.png

Patch 9553040 contains both a JRE (jrefb-6u20-rev-b05-windows-i586.exe) and a JDK (jdkfb-6u20-rev-b05-windows-i586.exe) executable. You only need to extract and install the JRE version from this patch to fix this issue.

Patch Installation Instructions
  1. Download patch 9553040
  2. Extract the jrefb-6u20-rev-b05-windows-i586.exe
  3. Run the executable to install on the desktop
If you wish to distribute this release as a download through Oracle E-Business Suite and users do not already have an earlier release of JRE 6u20 installed on their desktop, follow the installation instructions in the appropriate note:
If your users already have jre6u20 installed on their desktop, please uninstall the earlier release or over write it by installing this later version over it.

Related Articles

The preceding is intended to outline our general product direction.  It is intended for information purposes only, and may not be incorporated into any contract.   It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision.  The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

Comments:

Make sure you download the Windows (32-bit) verion of patch 9553040. We made the mistake of downloading the Linux version of patch 9553040 which caused a lot of confusion.

The README.txt file that comes with the Windows (32-bit) patch does *NOT* make sense. The README.txt file STILL says to upgrade Java on your Application Server and your Database server which we did NOT need to do. We did NOT upgrade java on our App server and DB server. Desktop works great without it.

Please have Oracle Development fix the README.txt file. Take out the part where it says the following. This is *NOT* needed.

"2. Upgrade the JDK within the Application Server $OH per the instructions in Note 272808.1
3. Upgrade the JDK within the Database $OH per the instructions in Note 418399.1?

Posted by Dan Caldwell on June 02, 2010 at 08:55 AM PDT #

Hello Dan,

It is a little confusing, however you need to bear in mind that this patch is a Javasoft patch (not an eBiz patch) for the JDK *and* the JRE

You certainly need the Windows version of this patch in order to extract the JRE, however the README "instructions for installing the patch" refer to the JDK only. The note at the bottom of the readme refers to the JRE and says to "follow the Oracle product instructions for using the standalone JRE" i.e. for eBusiness suite customers, it's Note 393931.1 or Note 290807.1 that you should be following to get the instructions for installing the JRE from this patch

These steps are also mentioned in Steven's original article for reference

Hope this helps

Mike Shaw

Posted by Mike Shaw on June 02, 2010 at 04:40 PM PDT #

I've just upgraded to JRE 16020 in a dev environment when I saw this note so I went ahead and applied this patch - not working for me - IE just doesn't open Forms.
Backed out to the old 16020 - works fine. Not sure what I could be doing wrong, have repeated the steps for each and if backing out was successful then presumably my steps to apply it were OK as well?

In short, already applied interop patch so:
- download windows patch
- extract windows exe (jrefb-6u20-rev-b05-windows-i586.exe)
- copy to $COMMON_TOP/util/jinitiator
- stopall
- maintenance mode
- txkSetPlugin.sh 16020
- maint mode off
- startall

Posted by Geoff on June 03, 2010 at 11:11 AM PDT #

Hello Geoff,

Sounds a bit odd. The best thing is to raise a Service Request (SR) with Oracle Support so we can investigate your specific circumstances

regards

Mike Shaw

Posted by Mike Shaw on June 03, 2010 at 04:45 PM PDT #

Hi Mike,

We were testing the JRE 1.6.0_20 build 5 and found that the attachment form in Custom Support doesn’t open. After clicking the attachment icon, nothing happens and application locks at that point. Both build 2 and build 5 and Turning Off/On Next-Generation Java has the same behavior (Please see SR# 3-1830124241).

Best Regards,
Jennifer.

Posted by Jennifer Chen on June 08, 2010 at 03:53 AM PDT #

Hello Jennifer,

Sorry to hear you ran into a problem and thanks for letting us know. Looking at the SR it seems your issue is resolved by Note 1113734.1 ?

regards

Mike

Posted by Mike Shaw on June 08, 2010 at 04:41 PM PDT #

Hi,

What about Mac OS X 10.6.3 users?

A couple of weeks ago, JRE_1.6_20 was pushed by Apple for Snow Leopard.

Since then, I can no longer access a release 12.1.1 instance (I can actually, but using Windows and Parallel). I get errors while Java tries to start.

I have an SR open, but it's going nowhere.

Any ideas where I can look?

Thanks.

Posted by François Gendron on June 09, 2010 at 07:52 AM PDT #

Hi Mike,

Yes. The attachment works for both the JRE 1.6.0_20 build 2 and build 5 after we applied 9410366. In build 2, it requested authentication again when the attachment form was launched. Build 5 fixed this double authentication problem.

Thanks very much for looking into our SR.

Best Regards,
Jennifer.

Posted by Jennifer Chen on June 09, 2010 at 09:48 AM PDT #

Just a follow up - I currently have all our Business Analysts running 1.6.0_20 b5 in our development instance (11.5.10.2 ATG RUP 7 with D2K Patchset 19) and they are now all of a sudden experiencing the mouse loosing focus issue that people saw in earlier versions of Java 1.6.0 that was fixed for awhile there.

I have the business analysts disable the java next generation plugin to see if that helps, but it looks like you all have a code regression on your hands.

Please note BAs were running 1.6.0_20 b2 and 1.6.0_18 and 1.6.0_16 and not experiencing the forms focus mouse issue.

Posted by Jay Weinshenker on June 10, 2010 at 04:12 AM PDT #

Hi,

I applied this to the server so it would be pushed out to all the users. (9553040) It doesn't appear to work too well. When I click on a forms responsibility (Purchasing) the first window opens and the java icon appears in the tray but the application fails to open. I applied this one the same way I did with the 1.6.017 release, although I didn't need to apply the interoperability patch again. Any suggestions on why the app screen will not come up?

Thanks,
Chris

p.s love the blog

Posted by Chris on June 10, 2010 at 04:23 AM PDT #

Quick note for anyone testing this.

I've found that for some features, such as attachments in the Invoice workbench, you will get a security warning from java.
Warning - Security
Java has discovered application components that could indicate a security concern
Name: oracle.forms.engine.Main

The responses are Yes or No to blocking unsafe components.
Choosing either allows the functionality to proceed...without problems it seems. You only get asked this once per java session.

I'm on 11.5.10.2. Client is Windows XP via IE.

Posted by John Towns on June 10, 2010 at 07:31 AM PDT #

Hello Jay,

Sorry you are experiancing issues on the latest version. I havent seen any previous report of this, did you raise a SR for this yet ?

regards

Mike

Posted by Mike Shaw on June 10, 2010 at 04:32 PM PDT #

Hello Chris,

Thanks for your support of this blog.

It would be best for you to raise a Service Request so we can investigate the specifics of your environment. It would probably be useful to get the Java Console enabled to capture any messages there, for example you may be hitting the issue in Note 1113734.1 which Jenny experienced.

regards

Mike

Posted by Mike Shaw on June 10, 2010 at 04:55 PM PDT #

@ John

I am not sure the behaviour you noted is expected, so would be great if you can raise a Service Request so this is noted and investigated.

Did you try recompiling JAR files (with force option) to see if it still reproduces ?

thanks

Mike Shaw

Posted by Mike Shaw on June 10, 2010 at 04:58 PM PDT #

Hi Mike,

No I've not re-compiled JAR files as I'm not testing for an upgrade on the server. I'm testing for a client update only. Like many people out there we occasionally have individual client PCs that get java updates 'forced' upon them by other applications or desktop management tools that puts them ahead of the server. I'm looking to see if moving to 1.6.0_20-rev is preferable for anyone on 1.6.0_16 to 1.6.0_20 currently.

This is beside the point a little but I strongly recommend that any users that still are using the 'blue/grey' web interface under 11.5.10 move to the new interface. The other way of saying this is: those users, responsibilities, applications or sites that have the profile option: 'Self Service Personal Home Page mode' set to 'Personal Home Page', should move to the setting 'Framework only'. I believe the old-style Personal Home Page which uses MOD_PLSQL has been de-supported for some time (see note 368628.1), and that interface seems to have particular issues with the latest versions of java on the client. At the very least make sure your holders of the SYSADMIN account or your System Administrators have moved to the new interface, so they will still be able to log in and change the profile option for other users if an unplanned java update occurs.

To sniff out users on the old interface use this:

select u.USER_NAME, v.PROFILE_OPTION_VALUE from
fnd_profile_option_values v,
fnd_profile_options o,
fnd_user u
where v.PROFILE_OPTION_ID = o.PROFILE_OPTION_ID
and o.PROFILE_OPTION_NAME = 'APPLICATIONS_HOME_PAGE'
and level_id = 10004
and level_value = u.USER_ID
and v.PROFILE_OPTION_VALUE = 'PHP'
and nvl(u.END_DATE, sysdate+1) > sysdate

Posted by John Towns on June 14, 2010 at 07:54 AM PDT #

@ Chris

I suggest you look into the Personal Home Page setting I've discussed in a previous comment. Since you refer to clicking on a responsibility rather than a menu item I suspect you are running the old interface. I had two users have the same issue as you when their PC's java client was upgraded by some desktop management software, but by changing the 'Self service personal home page mode' from 'Personal Home Page' to 'Framework only' the issue was resolved.

The easiest way to make the change is to update the profile option at the site level and ensure that user settings are removed or set the same way. But the user interface change needs to be communicated to users as it is a little different and slightly clunky to be honest, so you might get some strong resistence to change.

That can be overcome somewhat by introducing users to the 'favourites' or 'start page' features on the new interface.

Posted by John Towns on June 14, 2010 at 09:45 AM PDT #

Mike,

No SR yet, as it has happened only once. As it will be going in to PROD this coming weekend, expect an SR coming shortly thereafter if/when the issue crops up. I'll update this blog with it and you have my contact info if you need further info.

Posted by Jay Weinshenker on June 14, 2010 at 09:45 PM PDT #

@ Jay,

Mouse loosing focus issues are notoriously complex, so your experience may vary greatly. But I found patch 8717874 resolved our issues and we are on the same RUP.

I also found this support note helpful:

Diagnosing Forms Mouse Focus Problems Using JRE [ID 760250.1]

Also, since I've added a few comments here I want to disclose that I am no expert in these issues and I left the employ of Oracle Consulting back in the nineties. Please defer to the advice of Mike, Steven and Oracle Support over mine in all cases.

Posted by John Towns on June 15, 2010 at 10:03 AM PDT #

Following document Deploying Sun JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite 11i [ID 290807.1] Patch 9553040 was applied. This has raised some issues which needs attention over go live time. The ebiz instance is accessed by over 3000 usesrs around the world. Hence the magnitude of work post deployment is vary high for these issues.

1. SUN JRE 6 update 20 built 5(patch 9553040) to be installed on client desktops require uninstall and then fresh install of SUN JRE. This is a huge task. Are there workarounds for the same.

2. An alternative to 1 is SUN JRE 6 UPdate 21 becoming available on Sun JAVA Server. Would UPdate 21 be released soon , so that by automatic updates this becomes available on all client machines.

2. Sec 5 KNOWN issues Documents "Security Warning Running JRE 6u19 and Later". This issue is still present after deploying SUN JRE 6 update 20 built 5(patch 9553040). Is there another workaround for this.

was a bug log for this ???

Posted by jemar_98 on June 16, 2010 at 04:39 AM PDT #

Hi, Jemar,

1. I think someone in the Sun JRE Support team might be better-able to comment on enterprise deployment strategies than the members of this blog.

2. We can't comment on release dates here, I'm afraid. JRE 1.6.0_21 is coming, but nobody's permitted to speculate about specific release dates at all.

3. Your best bet would be to log a formal Service Request via My Oracle Support (formerly Metalink) to get one of our security specialists engaged. We're not permitted to discuss security issues here.

Please feel free to forward your Service Request number to me if it gets stuck in the support process for some reason.

Regards,
Steven

Posted by Steven Chan on June 17, 2010 at 04:17 AM PDT #

Hi, Chris,

Adding to John's helpful suggestion, if the problem persists, I'd like to get someone in our ATG Support team to help you debug this. Please log a formal Service Request via My Oracle Support (formerly Metalink) to get one of our ATG specialists engaged if this is still an issue for you.

Please feel free to forward your Service Request number to me if it gets stuck in the support process for some reason.

Regards,
Steven

Posted by Steven Chan on June 17, 2010 at 04:23 AM PDT #

Hi, Francois,

Can you email your Service Request number to me? I'll have one of our Mac specialists in Development work with Support on this.

Regards,
Steven

Posted by Steven Chan on June 17, 2010 at 04:28 AM PDT #

We are receiving the security message John Towns mentioned:

I've found that for some features, such as attachments in the Invoice workbench, you will get a security warning from java.
Warning - Security
Java has discovered application components that could indicate a security concern
Name: oracle.forms.engine.Main

The responses are Yes or No to blocking unsafe components.
Choosing either allows the functionality to proceed...without problems it seems. You only get asked this once per java session.

Is there a way to suppress this warning? We are on Vista, IE8, JRE 6 update 20 build 5 patch.

Thanks.

Posted by Barbara LaVecchia on June 29, 2010 at 12:17 AM PDT #

Hello, Barbara,

I'd like to have one of our JRE specialists investigate this further. Please log a formal Service Request via My Oracle Support (formerly Metalink) to get one of our engineers engaged.

Please feel free to forward your Service Request number to me if it gets stuck in the support process for some reason.

Regards,
Steven

Posted by Steven Chan on June 29, 2010 at 01:33 AM PDT #

I found the reason we are getting this security warning and how to suppress it on www.java.com.

http://www.java.com/en/download/help/error_mixedcode.xml

This is not a great solution for us because most of our users do not have admin rights to update their java options. It is as bad as unchecking the "Enable next generation..." option. We no longer know how to deploy Java updates with specific options the way it could be in the past since these settings are now user based.

Any suggestions?

Thanks.
Barb

Posted by Barbara LaVecchia on June 29, 2010 at 03:01 AM PDT #

Hello, Barb,

Thanks for the additional details. I would definitely like to have one of my EBS engineers look into this in partnership with our Sun JRE colleagues. The only way that I can do that, however, is via a reproducible testcase, which we can only get through a formal Service Request.

Can you log a Service Request and send me the number?

Regards,
Steven

Posted by Steven Chan on June 30, 2010 at 04:10 AM PDT #

Thanks Barb for taking the time to post the answer on how to supress the mixed code warning. I've tried that and it works for me too.

When it comes to setting these properties for your users you might want to have a look at a Deployment Configuration File. The documentation below relates to 1.5.0 but I imagine it's still in use. Apparently you can point users to a centrally managed set of properties. And those are properties that are otherwise set by the Java Control Panel.

http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/properties.html#dp_user_level

For details on setting the precise value we are interested in see this:
http://www-01.ibm.com/support/docview.wss?uid=swg21427068&myns=swgrat&mynp=OCSS5RCF&mync=R

Specifically this section from the URL above:

----------------------------------
4. If the clients are restricted to change the Java control panel, a system wide deployment property can be set and deployed to the client machines to avoid the warning message from being displayed.

a) Add deployment.config file (if it does not already exist) in either C:\Windows\Sun\Java\Deployment
or C:\Program Files\Java\jre6\lib
The contents of deployment.config file should be:
deployment.system.config=file:\C:/deploy/deployment.properties
deployment.system.config.mandatory=false
b) Add deployment.properties to the URL specified in deployment.config file
deployment.properties file, in this example is located at C:/deploy
and contains the following.
deployment.security.mixcode=HIDE_RUN OR
deployment.security.mixcode=DISABLE

The administrator could then distribute these two files to the client machines to prevent the warning message.......
----------------------------------

Barb, I've not tried this myself, but I think it looks like a good place to start.

Posted by John Towns on July 01, 2010 at 09:11 AM PDT #

Barb, John,

One of my engineers confirms that we're investigating this general class of issues via bug 9761089. We're working on getting a set of GIF files *that we know about* added to fndaol.jar to address this issue. The key point here is that we're working on the files that we know about, but there may be others.

The reason I have emphasized logging formal SRs in both of your cases is that the behaviour that you're seeing may be triggered by some other underlying cause. If you log an SR, it will help us validate whether our current planned fix is sufficient or not.

As I noted before, I would be very interested in having someone in my team work with you on investigating this further, but will need to work this via a Service Request. Feel free to send me your SR numbers when you've logged them.

Regards,
Steven

Posted by Steven Chan on July 02, 2010 at 01:16 AM PDT #

We tried the Java deployment steps John Towns suggested and they don’t work because each config file is based off the user. Therefore when the file is created, it hard codes the user's profile path into it which will only work with that user. This method used to work with earlier Java versions.

I will submit a Service Request and let Steven know the number when it is logged.

Thanks.
Barb

Posted by Barb LaVecchia on July 08, 2010 at 08:46 PM PDT #

Steven,

I submitted a service request, 3-1918284991, but did not know what product to associate it with because there is no Java choice. I'm sure it will bounce around until it lands with the right analysts.

Thanks.
Barb

Posted by Barb LaVecchia on July 08, 2010 at 09:32 PM PDT #

Hello Barb,

I checked the SR is with the eBiz AT team and have also updated the SR to ask for some clarifications

regards

Mike Shaw

Posted by Mike Shaw on July 11, 2010 at 05:16 PM PDT #

The person responsible for deploying our java updates is out of the office this week. He will answer the question in the SR about the method used to deploy.

In the SR, it is recommended to use update 17 and wait for the fixes in update 21. Our network security team required that we apply update 18 or above to address critical security issues. Reverting to update 17 is not an option. Right now we are at update 20 build 2, with one test machine at update 20 build 5.

Thanks.
Barb

Posted by Barb LaVecchia on July 13, 2010 at 10:00 PM PDT #

Hi,

I see that JRE 1.6.21 is now being officially offered on the www.java.com website.

Can you confirm that this version has fixed the problems and is ready to use in Oracle Apps (obviously, we will do some testing of our own first) ?

Thanks,

Alan

Posted by Alan Rosenthal on July 16, 2010 at 01:06 AM PDT #

Hi, Alan,

I'm afraid not. I've just posted a more in-depth discussion about JRE 1.6.0_21 here:

Warning: E-Business Suite Issues with Sun JRE 1.6.0_21
http://blogs.oracle.com/stevenChan/2010/07/warning_e-business_suite_issues_with_sun_jre_160_21.html

Regards,
Steven

Posted by Steven Chan on July 19, 2010 at 06:11 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
4
5
6
7
8
9
10
11
12
13
14
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today