Reset Search
 

 

Article

KB30366 - Impact of Google Chrome browser’s NPAPI based plug-in deprecation on Java applets and the Pulse Secure products

« Go Back

Information

 
Last Modified Date4/24/2017 4:05 PM
Synopsis
This article describes the impact and the workaround for installing and launching Pulse Secure components from Google Chrome browser once Google disables support for NPAPI plugins
Problem or Goal
Background Information:

When logging in from a Google Chrome browser, Pulse Secure products use a Java applet (called the Setup Applet) to install client components such as the Pulse Secure Desktop Client, Network Connect, Windows Terminal Services, etc. The Java applet is also used to communicate between the browser and the installed client components. To launch Java Applets from browsers they rely on a Java Plugin (the Java Plugin is a NPAPI based plugin)

Since Sept 2015 (Chrome v.45) Google Chrome has deprecated the support for NPAPI based plugins including Java plugin, for more details refer to this Chrome link

What is the impact of this on Pulse Secure Products?
Once NPAPI plugins are disabled, end-users will not be able to install or launch Pulse Secure components from a Chrome browser using Pulse Secure's Java Setup Applet. Additionally end-users will not be able to use any other Pulse Secure's Java Applet based features such as JSAM, Premier Java RDP (HOB), etc from Google Chrome browsers.
Cause
Solution
Starting in 8.2R1, Pulse Secure has introduced PSAL (Pulse Secure Application Launcher) for installing and launching of client applications such as Pulse Client without relying on Java or Active-X Plugins.  PSAL uses custom URL support in browsers (pulsesecure://) to communicate between itself and the browser ato deliver and to launch client applications. The custom URL when invoked, will automatically trigger the PSAL client and this transition is mostly transparent to the end-user.  

An overview of PSAL and the end-user experience is documented in KB40102 For more information, refer to the Administrative Guide. 

If an upgrade to 8.2R1 is not possible, you may use one of the workarounds listed below.

Workarounds:
  1. Use an alternate supported browser (Internet Explorer) to login and install and/or launch the Pulse Secure component
  2. In certain deployments it may be possible to directly launch the client component (For example Pulse Secure Desktop client and Network Connect) without using a browser
Note:
As of the release of 8.3R1 only Java Setup Applets functionality (i.e. ability to deliver, install and launch other Pulse Secure client components)  has been added to PSAL. However other Pulse Secure functionality such as launching JSAM, Premier Java RDP (Hob) or other Java Applets accessed via the PCS client-less rewriter engine will not work on browsers that have deprecated support for Java Plugin technology 
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255