[THIN] Re: AIE - anyone using this for a Java VM and/or a browser plug-in
- From: "Daniel Sidler" <daniel.sidler@xxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Mon, 12 Sep 2005 13:14:59 +0200
Thanks Rick for this very compressive tip! I will give this a try and
let the list know about the outcome.
@Lee, @Stephen: I absolutely agree with you on the point that the bank
in question doesn't give a professional impression on their customers by
providing an e-banking solution which is based on technology that
everybody knows has no future, and they know it for more than 4 years.
When I say no future I mean MSJVM, not Java in general of course.
They have announced an "upgraded" version of their app, but refuse to
give a firm date on the release date. I managed to steer my company away
from using the app for 6 months now, by pointing out the security risks
and the additional headache caused by providing this trough Metaframe.
This worked for a while, but now they can't accept the fact anymore that
they have to use fax and telephone to initiate bank transactions on a
daily basis, which they consider a risk as well, and rightly so since
the volume is increasing.
So I try to make the best out of the situation by isolating the
application and running it from a single (virtual) backend server. This
will minimize my TCO on this particular app by not touching the live
production machines. In case the bank releases a proper solution
tomorrow (which, IMHO, should be purely web based) I will not have
wasted too much money on their MSJVM based solution.
Hope that makes sense ...
Daniel
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rick Mack
Sent: Samstag, 10. September 2005 01:41
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: AIE - anyone using this for a Java VM and/or a
browser plug-in
Hi,
The MS Java and Sun Java VMs are capable of co-exisiting.
When you go to the control panel Java Plugin applet and tick the box to
enable Sun Java support in IE, you're manipulating HKLM values, and some
stuff under HKCU. That suggests the VM switch is machine-wide..
So how do you run both VMs? Quite obviously using AIE allows you to
redirect the application's registry access to a custom virtual HKLM, or
at least the bits you want and fool IE into using one VM or the other.
Technically, if you define an AIE for IE/MS JVM and you publish an
instance of internet explorer in that AIE, or run create a desktop
shortcut to AIERUN iexplore.exe etc, you should be able to change the
relevant IE settings so that they're saved in the redirected AIE
registry.
However there's an extra bit the may not work, and that's the HKLM
settings that control whether IE uses the Sun Java components are not.
To handle that you've got to run regmon to find out what keys/values are
changed when you enable/disable Sun Java support for IE via the control
panel Java Plugin Applet.
Check that the MS JVM is running after you've done this, and then use
regedit to export the relevant registry keys.
What you'll then have to do is run up IE inside this AIE, and patch the
relevant AIE redirected values by editing the exported reg file from and
importing it into the HKCU AIE areas.
That should give you an instance of internet explorer that uses the MS
JVM. It doesn't have to be a published app if you're using a full
desktop because you can use a shortcut to AIERUN to run up IE in the
AIE wrapper.
I hope this makes sense. If you get into trouble I'll set it up myself
and give you some more precise instructions.
regards,
Rick
--
Ulrich Mack
Volante Systems
On 9/10/05, Daniel Sidler <daniel.sidler@xxxxxxxxxxxxx> wrote:
Hi all
We have to deal with a web based e-banking app that requires MS
Java VM
(!). It runs as an applet in IE and also makes use of SSL client
certificates.
Having read about AIE and using PS4 on a test server I thought
HEY!,
would that not be a great use of application isolation or what.
Especially since Citrix mentions Sun's JRE as an example in
their white
paper about AIE.
So I create an Isolation Environment and use aiesetup.exe to
install
MSJVM inside. So far so good, but here's where I get stuck. Call
me
stupid, but how can I make use of this application from Internet
Explorer? Do I have to Install IE into the same Isolation
Environment as
well?
Any insights are highly welcome.
Cheers,
Daniel
Other related posts:
