3 Replies Latest reply on Feb 21, 2017 11:27 AM by phoffmann

    Java - What's using/calling it?

    grimmda Apprentice

      We're to a point where we are pretty far behind with our JRE not from a "patching it" standpoint, but with "because we have stuff that uses the older version" point.  Lots of different web based apps, and other apps installed make calls to java and we have no idea.  Lets say there's 1000+ things that could be using it.  Maybe its only 20, we don't truly know.

       

      We met with Oracle this week and they discussed with us a product they have called "Advanced Management Console" and it's hard to see the forest through the trees vs the sales talk.  It looks like the core thing this product will do is show us on ANY PC we install their "Agent" on, what's calling each thing java based on any PC.  That's huge.

       

      Here's the datasheet on the product: http://www.oracle.com/us/technologies/java/javase-advanced-suite-ds-401373.pdf

      http://www.oracle.com/us/technologies/java/javase-advanced-suite-ds-401373.pdf

       

      Are any of you pulling this off now in LANDesk WITHOUT this tool?  Are any of us using this tool from Oracle?
      Or is it just a "tool" from Oracle... You know what I mean :>

       

      Thanks

        • 1. Re: Java - What's using/calling it?
          phoffmann SupportEmployee

          Most folks will know their estate and have "known suspects" (Browsers, for a start) that need to be killed off (and stay dead) for java to be updated.

           

          You can define a list of processes that'll get shot down & kept down before patching a specific thing.

           

          If you want to trace a "which program makes use of Java" and you don't know what it is - that's trickier. You could try using SysInternal's Process Explorer (free download from Technet) and check for "Open Handle" on your java executables potentially.

           

          If memory serves (it's been a long time), Java's logging about "Hey, THIS thing called me" is somewhere between "non-existant" and "sub-optimal" (it's been a few years since I've had to wrangle with it, but I doubt much has changed, sadly ).

           

          It's a royal pain in the neck - that's for sure.

          • 2. Re: Java - What's using/calling it?
            grimmda Apprentice

            Thanks for responding phoffmann!

             

            Hey folks, even if that's your answer, throw in a "I have the same question".  Given there's 196 views on this thread and not much of a response doesn't surprise me.  Thanks for including the per/PC way to investigate using Process Explorer and "Open Handle" I've heard of that.  I was hoping for a little bit bigger look from the enterprise than per PC. 

            • 3. Re: Java - What's using/calling it?
              phoffmann SupportEmployee

              90% of it amounts to knowing your environment and it's app stack.

               

              That should have you be familiar with "known suspects" (so - browsers being the guaranteed item, then in-house applications that use Java, etc.).

               

              There's always going to be that "unknown factor" - which you can usually mitigate via proper communication.

               

              I.e. - contacting the "usual problem groups" (anyone with local admin rights who maybe shouldn't have them ... any one doing dev type work), and asking / telling them. Good relationships here benefit everyone ... whereas a last resort of "OK, we're going to execute any running JAVA instances we find & keep 'em dead ... so on your head be it if your stuff breaks halfway through" generally tends to end up in a lot of bad blood (but may be a necessary evil).

               

              You shouldn't have to do a "per PC" approach through most of the estate ... most of the estate someone "should know" (prep work & comms & relationships will help you here the most) and you can handle that way. You shouldn't have to reverse-engineer things for yourself.

               

              "Delegate" what you can / where it makes sense. You don't have to re-invent the wheel from scratch .