How can I globally re-enable Java for my users?
I support a large number of users who are... let's say, technically challenged. virtually every site they need to use for work requires Java, as do many of the ones they use at home. It's not practical for me to go around and train them all how to figure out whether a site uses Java and how to enable Java when necessary.
Is there any way for me to just globally enable Java on their systems?
Forcing them all to switch to Chrome or IE would bring other problems, but will be significantly easier than trying to train them new behaviors with Firefox.
Additional System Details
- Google Update
- Shockwave Flash 11.9 r900
- Adobe PDF Plug-In For Firefox and Netscape 11.0.05
- Next Generation Java Plug-in 10.25.2 for Mozilla browsers
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- Unity Player 4.1.3f3
- iTunes Detector Plug-in
- WildTangent Games App V2 Presence Detector
- AmazonMP3DownloaderPlugin 1.0.15
- The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
- The plug-in allows you to open and edit files using Microsoft Office applications
- Office Authorization plug-in for NPAPI browsers
- CANON iMAGE GATEWAY Mycamera Plugin
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Sorry to hear that you are displeased with Mozilla's choice to block Java products. They did this because of Oracle's poor security history. Mozilla takes the safety and security of users very seriously.
Here is a Mozilla article relating to your topic.
How To Enable Java
Modified by Wesley Branton
Disabling one of the central technologies of the web without warning is really not an acceptable response, and that article really didn't have anything to do with my topic, which was "How can I globally re-enable Java for my users?".
Obviously the devs have decided that usability is less important than safety, and that's fine: there are other browsers. But if you want companies to keep using Firefox, you need, at an absolute minimum, to offer the option of building a whitelist on one system and then easily distributing it to other systems. That might at least make it possible to use FF in a business environment, rather that forcing every user to manually allow each site on the intranet themselves.
Again, very sorry to hear that you are displeased with Mozilla's choice to disable Java. As said before, Oracle has an extremely poor security record and does little to repair serious security bugs.
The most recent update, for example, patched a serious known bug that had been reported multiple times. When the bug was reported in took them almost another 2 months to repair the issue. During this time Mozilla announced that they were going to automatically disable Java.
I am also not quite sure what you are asking.
Would you like to remotely activate Java for users because this is not possible for obvious security reasons.
If this is not what you are trying to do, please explain below.
Again, sorry for any inconvenience that we have caused and I hope that you will continue to browse with Mozilla Firefox.
Modified by Wesley Branton
I'm not sure how this is complicated: I want a way that I can allow my users to use sites that require Java without forcing them to enable Java for each site. Examples of how this could work:
-- A white-list file that I generate and go install on their computer containing all the work-related sites we need (about 15 different sites, and about 40 different computers, plus the ones they use at home... figure 60-80 computers, 20-40 of which require off-site home visits).
-- An easy way to globally enable Java despite the risks.
This isn't a complicated request. This isn't rocket science. This is a request that you allow us to use common standard technologies, and make our own decisions without crippling us.
And in fact, I've already switched half a dozen of my users to Chrome or Safari: they were unable to connect to sites that require Java, and I didn't have the time to manually go through for each of them and enable Java for every site. I anticipate switching the rest over the course of the next few weeks. I'm also told central IT intends to not explain the problem to anyone who asks: they're simply going to state that Firefox has broken a core technology of the web, and that the user in question should switch to Chrome. A reasonable response and solution would go a long way towards changing that.
Starting in Firefox 24, all versions of the Java plugin are "Click to Play" blocked, meaning that you have to click to activate Java for each site. See the How to allow Java on trusted sites article for more information.
Note: To make sure that your Java plugin is working, you can visit the test pages listed in the article, Use the Java plugin to view interactive content on websites. If an "Activate Java" message box appears, click inside the box to activate the Java plugin.
When you see the "Activate Java" message box, simply click it to load the Java content normally.
If there is no visible area to activate Java content in the page, click the red plugin icon in the address bar. In the message panel that opens, choose "Allow Now" to enable Java content temporarily.
The next time you visit the site or any other that uses Java you will see this message again.
If you want to always activate Java for a particular site, you can use the "Allow and Remember" option shown above.
After activating Java, you may also see a "Security Warning" dialog box, asking you to confirm that you want to run Java. This warning comes from Java itself, not from Firefox.
Does this solve your problem? Let us know.
Sorry, but your request is not possible. Creating a file to change users' settings is bordering on hacking.
I wish you luck in the future.
I hope you'll continue to use Firefox.
The people who answer questions here, for the most part, are other Firefox users volunteering their time (like me), not Mozilla employees or Firefox developers.
If you want to leave feedback for Firefox developers, you can go to the Firefox Help menu and select Submit Feedback... or use this link. (You'll need to be on the latest version of Firefox to submit feedback). Your feedback gets collected at http://input.mozilla.org/, where a team of people read it and gather data about the most common issues.
Modified by Wesley Branton
please be aware that google might also be blocking java by default for security purposes and is even planning to totally remove the support for npapi-based plugins like java in chrome in the not-so distant future: http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html
I have found another Firefox question with a solution for your problem.
It can be found here.
Waka_Flaka_Flame: That's actually exactly the problem I'm trying to get around, so your response isn't actually helpful.
ComputerWhiz: "Sorry, but your request is not possible. Creating a file to change users' settings is bordering on hacking. "
I'm sorry, what? Having Mozilla give us the option to create an importable whitelist file is "bordering on hacking"? Man, I'd better remove all those install pref files, and the sysprep files I use when imaging machines, and all that sort of stuff before someone catches me using them.
That's a ridiculous argument. There are tons of systems that work that way. Have you ever installed a file that modified how a program worked, like a Registry file in Windows, or an update to a piece of software? What I'm asking for is the same thing.
"I have found another Firefox question with a solution for your problem.
It can be found here. "
This was actually almost useful. I'd been looking for an option that's more "We have to use Java whether we trust it or not" and less "Screw security! Let's let EVERYTHING work, even viruses!", but this is the best I've seen. So, thank you for posting it.
philipp: While it's true that Chrome is blocking NPAPI plugins, including Java, they also gave a lot of warning, and allow a simple workaround, which is to use a flag to force authorization of the plugin. They're saying it will probably be completely disabled by sometime in 2014, "depending on customer feedback." So not quite the same as "Oh, it's Monday afternoon, I'd better go enter my timesheet for last week. What do you MEAN, Java doesn't work? What the hell? It worked this morning, there's been no announcement, and now it just doesn't work and there's no way to re-enable it for everything I use it for, which is everything I do at work?"
I assume Allow and Remember for this site doesn't cut it for you?
Please do note we are not Mozilla developers, but volunteers, though I understand the point in having a option to always be enabled, even if its the most insecure plugin to possibly run in your web browser.
I am though not sure how to disable the new click to play UI other than a addon.
Allow me clarify my above post.
Because there is not whitelist built into Firefox, creating a file to change settings is not allowed.
This would jeopardize the security to Firefox users.
In some cases, this can be classified as hacking.
I suggest that you just send instructions on how to always enable Java on your sites.
Hi amckenzie4, you wrote:
I'm also told central IT intends to not explain the problem to anyone who asks: they're simply going to state that Firefox has broken a core technology of the web, and that the user in question should switch to Chrome.
This is sad. The click-to-play UI is largely self-documenting and an opportunity to educate users about security, not just to get their jobs done but to help them and their families after hours. I would think that conversation should happen more often and not less often. But I also believe in user empowerment (e.g., training, user groups, peer-to-peer support), so I know I'm out of the mainstream of IT thinking on this kind of thing.
With such a blatant statement its clear you lot are simply oracle haters, perhaps like I am a Microsoft hater, however you are supposed to have the better neater faster Browser than Microsoft. I must say this is the 2nd time this year I have started telling users to use IE again and it just kills me. Reading the other posts, I see that you have plenty of supporters in your views "Java is Evil, Oracle is Evil" etc, but the person above made a decision to use Java as a platform for whatever reason, be it server side, an upload applet, or a full blown cad system and I guess your reasoning is that we all rewrite those man years of software in web2 or some new amazing language. The blatant statements as the plugins are disabled most certainly scare the hell out of our customers and their IT representatives are likely to ban Java altogether when they read what you are saying. To me this is sabotage and I sincerely hope that Oracle come after your asses with a law suit. What has happened to Mozilla ? It was such a nice idea, such a nice start, you gained everyone's trust and now we see your real face, you want to be the ones who killed Java, the ones who really upset Oracle. Well of course it is of no interest to you, but you are most certainly the ones who annoyed me. I can tell you Java is not bad, its just amazing server side, it has stability 2nd to none if you are writing apps which need to run and run and run regardless of how much data comes through it is excellent. I guess there are other ways to write applets with drag and drop and typical GUI functionality these days, but hey we all wrote ours back in the days when there were no decent alternatives and all of a sudden you guys expect us to port them instantly to some amazing Mozilla friendly plugin and as nobody really likes re-inventing the wheel and most programmers have new projects to work on and have extreme difficulty convincing their bosses that it will increase turnover if that man year they signed off 8 years ago be repeated although the customer requirement has not changed at all, the app has simply stopped working because Mozilla do not like Oracle. I will be told to fix it for IE and hear "Hey, 4 years back you idiots convinced the whole company that Mozilla was better than IE", now that same browser (well you lot) are responsible for our hot line phones ringing all day saying "my applet has disappeared". I so sincerely wish it could be me who could get some revenge, unfortunately it is going to be Microsoft getting their revenge as you are going to see the numbers switching back to IE. As the person above also mentioned, the average user is not Einstein and they are probably restricted in what they can do. once they have clicked that button then the plugin is disabled and they probably need to call their IT rep to log on as administrator and clear their caches etc to to give them a 2nd chance. Really really annoying, I most sincerely hope that your Birkenstock sandals get thrown out by the cleaner, or your vegetarian lunch gives you food poising.
Sorry that you feel this way about Mozilla's decision to automatically disable Java plugins.
Please be aware that Mozilla is in no way stopping users from manually enabling Java for websites. They have simply disabled it by default so that users are not always threatened by hackers attempting to exploit Java.
Mozilla is in no way "Oracle haters". They have taken these actions to protect the security of their users. Mozilla feels that all members on Firefox deserve to browse in a safer environment.
Mozilla is hoping that the development of the HTML5 programming language will progress and can be used as a safer alternative to Java.
For any other comments, questions, or concerns please post them at this Bugzilla page.
Hope that you will continue to browse with Mozilla Firefox.
Modified by Wesley Branton
hello mallyh, response time to security threats is a major factor & as it has been shown in the past browser vendors like mozilla or google have been able to ship fixes to the userbase within 24 hours after they got notified of vulnerabilities. whereas oracle's policy seems to be to collect all vulnerabilities (unless they go totally rampant in the wild), release a fix for them quarterly and leave users out in the rain in the meantime: http://www.oracle.com/us/support/assurance/vulnerability-remediation/security-fixing/index.html
such a model seems to be quite remarkable in the current environment and the damage that has been done in the past by vulnerabilities in the java browser plugin. as a user my trust in this model is very limited and therefore i appreciate that java content won't be executed per default for the vast majority of the userbase unless they actively decide to do so.
not to get me started on oracle's practice to bundle crap-toolbars in its critical(!) security updates...
Hi mallyh, the support volunteers here are not to blame for the contents of the blocklist, so hopefully we won't be poisoned by our lunches. Based on what I have read, the blocklist is changing today to turn off the automatic click-to-play for the current JRE. It usually takes a few hours before Firefox downloads the latest edition of the file, so check it again tomorrow and see whether life is back to normal. I'm not sure what the future holds, but hopefully better integration of click-to-play between the built-in Java feature and the Firefox feature.
Please be aware that the Java disabling was rolled back earlier today.
Thank you and we are sorry for any inconvenience that this may have caused.
Thank you for browsing with us at Mozilla.
On the plus side, it appears that the Mozilla devs realized they'd just gone out and alienated a huge fraction of their userbase, since they've now backed down. Comment 80 in the bug report states that the breaking of Java has been rolled back, and everyone should be working by Friday.
I find it interesting that one of the Java people from Oracle chimed in (Comment #68) and said, in essence, that no one from Mozilla had bothered to inform Oracle that this step was being taken, and that perhaps better communication would help prevent this sort of screwup in the future.
The click-to-play interface is NOT largely self-documenting. When Java stopped working for me, I assumed the application I was using had updated and I was behind in my Java updates. Once I found out what the problem was, I watched for it: the red indicator in the URL bar really isn't very obvious, and I didn't notice it until I found out I was supposed to be looking for it. That's not self-documenting. That's like saying "Well, I don't understand why you couldn't figure out that there was a problem with your car. I mean, the red light in the glove compartment was OBVIOUSLY lit."
Given that I have users who can't figure out which button to push when there's only one one (marked "OK"), it's not worth my time to try to teach them all to look for an inconspicuous icon in a location they've never looked. For that matter, most of my users don't know what I mean if I say "address bar" or even "the place where you type in the address of a web site", because they've never typed one in. They get someone (IT, a co-worker, their kids) to create a bookmark for them. If you're fortunate enough to work in an environment where that's not true, I envy you. But for many of us, that's the day to day reality. Go look at what Chrome did: That's self documenting. A big pop-up with an explanation is something my users will at least notice and call me about. What the Firefox devs did is something they'll never even see.