I just upgraded from Java 7u45 to Java 7u51 on OS X 10.9.1. The Hob Java RDP client is completely blocked.
I think this is due to it having an "UNKNOWN" publisher.
We're using 7.4r7 IVE.
I was able to work around the issue by adding my VPN URL to the trusted sites in the Java Security setting, but this is not ideal. We also use Host Checker so now we have a number of Java issues to deal with.
Our Mac users must now do all of the following just to log in and use the Java RDP client in Safari 6.1 or higher:
1. Turn off the pop up blocker in Safari preferences (for all sites)
2. Log into the VPN once so that they are given the opportunity to trust the VPN URL
3. Trust the VPN site and allow the host cheker install to fail
4. Log off of the VPN
5. Configure Safari > Preferences > Security > Java > VPN Site Name > Run plug-ins in "Unsafe Mode"
6. Configure System Preferences > Java > Java Control Panel > Security > Edit Site List > "Name of VPN site"
7. Log back into the VPN.
Is Juniper going to address this?
According to KB28704 the issue is supposed to be resolved in Secure Access (SA) version 7.1R17, 7.3R9, 7.4R7, 8.0R1 and later versions.
I can confirm the issue in 8.0r1 but the steps you had listed I had tried before coming here to see if there was a better fix besides telling our users to add an exception. They did work to allow my HOB client to work again after the update.
JTAC confirmed the error, but did not have a fix. They said to keep using the workaround of putting the VPN URLs into the Java trusted sites list.
Interestingly, I have not found a way to apply this workaround on a Windows system. On OS X you just open the Java control panel, navigate to security and click the manage sites button. From there you can add the URLs for your VPN / VPNs. Just be sure to preface the URL with https.
yes, that is correct, the solution is to enable your appliance as an exception that allows the JRE to run as previously for your site.
Yes, the embedded hob and ssh applets needed to be resigned to prevent the blocking message. This was resolved in 7.4R9