In JDK 9, the Java browser plug-in will be a thing of the past
In the version 9 release of JDK, Oracle will finally drop the Java browser plug-in, and nobody is shedding a tear over it.
To the uninitiated, it may have seemed like another damning headline from Oracle, intimating another nail in the coffin of the Java programming language. To the informed enthusiasts who have defended and advocated on the behalf of the world's most popular cross-platform programming language, however, the death of the Java browser plug-in has been received with open arms.
Software developers are not bemoaning the death of the browser-based Java applet, but they are instead collectively wiping their brows, sighing under their breath with the happy knowledge that they can put Java applet technology behind them.
A promise not delivered
Invariably, each browser behaved differently, and each platform and operating system had its own quirks, so the WORA hope turned into WODE.
Running Java programs within a browser was always a great idea, but the reality of cross-platform, write once run anywhere applications (WORA) delivered through the browser never lived up to the promise. Invariably, each browser behaved differently, and each platform and operating system had its own quirks, so the WORA hope turned into WODE: a write once, debug everywhere reality. Compounded by the fact that Java support on handheld devices such as Apple iPhones is completely scant, using browser based-Java applications as a mode of distributed application delivery simply isn't a smart choice in today's world.
A flawed security model
The worst problem is the number of security holes that have been attributed to the Java browser plug-in in recent years. Big headlines have been made out of the potential for hackers to exploit a given shortcoming of the plug-in, creating a great deal of uncertainty and fear in the minds of the everyday user. Java developers were always aware that very few of the publicized Java exploits were attributable to the standard edition of Java that runs desktop applications or powers the back-end servers of the world's biggest banks, governments and insurance companies. But perception can be as important as the reality, and the ongoing discoveries of security flaws with the Java browser plug-in were seriously undermining Java's credibility.
It should be noted that application delivery through a browser isn't completely dead. Java Web Start technology still allows for Java Network Launch Protocol (JNLP) files to be delivered through a browser, and when a user runs the file, a Java application will run and be able to connect to the server that delivered the JNLP file to the client.
E*Trade provides a very impressive, Java-based application for monitoring stocks' prices and linking back to their Web-based trading application. The JNLP file is delivered through the browser, and the result is an impressive Java application. So the delivery of Java applications to the end client through a browser isn't completely dead; it's just that the process has changed, and as a result of making the change, the big security hole known as the Java browser plug-in has been permanently plugged.
Will losing the Java browser plug-in change the way you deploy Java applications over the Web? Let us know.
Promises made by Java 9
Top seven Java platform strategies
Java programming turns 20