Thanks Rick for this very compressive tip! I will give this a try and let the list know about the outcome. @Lee, @Stephen: I absolutely agree with you on the point that the bank in question doesn't give a professional impression on their customers by providing an e-banking solution which is based on technology that everybody knows has no future, and they know it for more than 4 years. When I say no future I mean MSJVM, not Java in general of course. They have announced an "upgraded" version of their app, but refuse to give a firm date on the release date. I managed to steer my company away from using the app for 6 months now, by pointing out the security risks and the additional headache caused by providing this trough Metaframe. This worked for a while, but now they can't accept the fact anymore that they have to use fax and telephone to initiate bank transactions on a daily basis, which they consider a risk as well, and rightly so since the volume is increasing. So I try to make the best out of the situation by isolating the application and running it from a single (virtual) backend server. This will minimize my TCO on this particular app by not touching the live production machines. In case the bank releases a proper solution tomorrow (which, IMHO, should be purely web based) I will not have wasted too much money on their MSJVM based solution. Hope that makes sense ... Daniel ________________________________ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Rick Mack Sent: Samstag, 10. September 2005 01:41 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: AIE - anyone using this for a Java VM and/or a browser plug-in Hi, The MS Java and Sun Java VMs are capable of co-exisiting. When you go to the control panel Java Plugin applet and tick the box to enable Sun Java support in IE, you're manipulating HKLM values, and some stuff under HKCU. That suggests the VM switch is machine-wide.. So how do you run both VMs? Quite obviously using AIE allows you to redirect the application's registry access to a custom virtual HKLM, or at least the bits you want and fool IE into using one VM or the other. Technically, if you define an AIE for IE/MS JVM and you publish an instance of internet explorer in that AIE, or run create a desktop shortcut to AIERUN iexplore.exe etc, you should be able to change the relevant IE settings so that they're saved in the redirected AIE registry. However there's an extra bit the may not work, and that's the HKLM settings that control whether IE uses the Sun Java components are not. To handle that you've got to run regmon to find out what keys/values are changed when you enable/disable Sun Java support for IE via the control panel Java Plugin Applet. Check that the MS JVM is running after you've done this, and then use regedit to export the relevant registry keys. What you'll then have to do is run up IE inside this AIE, and patch the relevant AIE redirected values by editing the exported reg file from and importing it into the HKCU AIE areas. That should give you an instance of internet explorer that uses the MS JVM. It doesn't have to be a published app if you're using a full desktop because you can use a shortcut to AIERUN to run up IE in the AIE wrapper. I hope this makes sense. If you get into trouble I'll set it up myself and give you some more precise instructions. regards, Rick -- Ulrich Mack Volante Systems On 9/10/05, Daniel Sidler <daniel.sidler@xxxxxxxxxxxxx> wrote: Hi all We have to deal with a web based e-banking app that requires MS Java VM (!). It runs as an applet in IE and also makes use of SSL client certificates. Having read about AIE and using PS4 on a test server I thought HEY!, would that not be a great use of application isolation or what. Especially since Citrix mentions Sun's JRE as an example in their white paper about AIE. So I create an Isolation Environment and use aiesetup.exe to install MSJVM inside. So far so good, but here's where I get stuck. Call me stupid, but how can I make use of this application from Internet Explorer? Do I have to Install IE into the same Isolation Environment as well? Any insights are highly welcome. Cheers, Daniel