<div>
Which would be an easier option do you think?
</div>


Which would be an easier option do you think?

<div>
<div class="content wysiwyg-content">
Recently we upgraded to the latest Java version on our XenApp 6.5 published desktop environment. &nbsp;(Java 8 Update 25).<br />
<br />
Now all of our internal websites that use Java are being blocked as there is no more &quot;Medium&quot; security level in Version 8. The only way around is to add the site to the Java Security Exclusions list. This is annoying as we have a lot of internal sites that use Java. <br />
<br />
The other issue I have is that even if users add the exclusion, the Exclusions list is not saved when the user logs out of the XenApp Session. The XenApp profiles all seem to work fine except for retaining the Java setting. <br />
The hosts are all Sever 2008 R2 9as is the profile server). XenApp is running Rollup pack 4 and using Citrix Profile Management. My Docs, Desktop etc are all redirected to the profile store. Only the users profile settings are roaming. <br />
<br />
Out of the 2 issues, I would prefer to look at the Java side 1st, however I'm guessing that is not going to be an option.
</div>
</div>


Recently we upgraded to the latest Java version on our XenApp 6.5 published desktop environment.  (Java 8 Update 25).

Now all of our internal websites that use Java are being blocked as there is no more "Medium" security level in Version 8. The only way around is to add the site to the Java Security Exclusions list. This is annoying as we have a lot of internal sites that use Java. 

The other issue I have is that even if users add the exclusion, the Exclusions list is not saved when the user logs out of the XenApp Session. The XenApp profiles all seem to work fine except for retaining the Java setting. 
The hosts are all Sever 2008 R2 9as is the profile server). XenApp is running Rollup pack 4 and using Citrix Profile Management. My Docs, Desktop etc are all redirected to the profile store. Only the users profile settings are roaming. 

Out of the 2 issues, I would prefer to look at the Java side 1st, however I'm guessing that is not going to be an option.

Recent Java Update (v8 u25) blocking access to all internal sites (that use Java)

Java is a platform-independent, object-oriented programming language and run-time environment, designed to have as few implementation dependencies as possible such that developers can write one set of code across all platforms using libraries. Most devices will not run Java natively, and require a run-time component to be installed in order to execute a Java program.

Java

Java application servers that support the Java EE platform and features include JOnAS from Object Web, WildFly (formerly JBoss AS) from JBoss, Geronimo from Apache, TomEE from Apache, Resin Java Application Server from Caucho Technology, Blazix from Desiderata Software, Enhydra Server from Enhydra.org, and GlassFish from Oracle. Commercial Java app servers include WebLogic by Oracle, WebSphere from IBM and the open source JBoss Enterprise Application Platform (JBoss EAP) by Red Hat.

Java App Servers

Web browsers are applications used primarily to display documents, files and media from the Internet, identified by a Uniform Resource Identifier (URI) that can be a page, image, video or other file. Some browsers require the use of add-ons or extensions to safely render the information they receive; others have systems built into them to perform the same functions.