New in the Community? Get started here

Schneider Electric Exchange Community

Discuss and solve problems in energy management and automation. Join conversations and share insights on products and solutions. Co-innovate and collaborate with a global network of peers.

Register Now
Knowledge Base
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Discover the Exchange Community Top members of July 
Discover the latest features your community has to offer: register to the webinar here

I/A Series R2 / G3 graphics not displayed after update to Java 7 Update 51 or later

Issue

I/A Series R2 / G3 graphics are not displayed when using web browser after the Java version is updated to Java 7 Update 51 or later. A dialog box indicates "Application Blocked - Application Blocked by Security Settings."

Product Line

TAC IA Series

Environment

  • I/A Series R2
  • I/A Series G3

Cause

From Java 7 Update 51 and onwards, Java has enhanced the security model to make user system less vulnerable to the external exploits. The new version of Java does not allow users to run the applications that are not signed (Unsigned), Self signed (not signed by trusted authority) and the applications that are missing permission attributes.

  • Risks involved in running each kind of applications
    Unsigned applications: An application without a certificate (i.e. unsigned apps), or missing application Name and Publisher information are blocked by default. Running this kind of application is potentially unsafe and present higher level of risk.   
    Self signed application (Certificate not from trusted authority)
    An application with self-signed certificate is blocked by default. Applications of this type present the highest level of risk because publisher is not identified and the application may be granted access to personal data on your computer.
  • Jar file missing Permission Attribute
    Permissions Attribute verifies that the application requests the permission level that developer specified. If this attribute is not present, it might be possible for an attacker to exploit a user by re-deploying an application that is signed with original certificate and running the application at a different privilege level.

Resolution

As a workaround, the user can use Exception Site list feature to run the applications blocked by security settings. By adding the URL of the blocked application to the Exception Site list allows it to run with some warnings.

Steps to Add URL to the Exception Site list:

  1. In control panel go to the Java Control Panel
  2. Click on the Security tab and verify that the Security Level is set to "High" or "Medium".
  3. Click on the Edit Site List button
  4. Enter your site details (This example http://www.SBO-Site.com) where www.SBO-Site.com is the address of the R2 Enterprise Server or UNC serving graphics, expressed either by name or by IP address.
  5. Click the Add in the Exception Site List window.
  6. Select continue
  7. Repeat the process, adding the addresses of all the site's Enterprise Servers and UNCs/JACEs.

If this computer is used for browsing I/A Series G3 site graphics or StruxureWare for Building Operation site graphics, the addresses of those sites may be added as well.

Tags (1)
Labels (1)
No ratings