• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Does Java client programming have a future?

 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One of the reasons I got into Java programming way back when was the promise of developing client applications that people around the world could use in a web browser. First there were applets, and then webstart, and for a while things were great. But then Flash took over much of the rich interactive UI stuff while Java has steadily been buried under layer after layer of security restrictions.

Today when I go to a webpage that embeds a simple applet (like a graph viewer), I am greeted with a grey box saying that the Java plugin has been disabled. If I want to use it at all, I have to open my Control Panel, run the Java security manager and manually enter the domain name and then refresh the webpage. Even after that I get a ton of warning messages about how it is not secure and 'are you really sure you want to run this'? And then there's that little yellow triangle with the exclamation mark that appears to the upper right of every Frame or Dialog, just to perpetually remind you that you're in danger every moment you're interacting with the app.

Only a technically savvy user who really wants to use my software will make it through this gauntlet. Frankly, the whole thing does to Java what those warnings on cigarette packages do to smoking. No casual browser is going to want to use it. And I resent the implication that I am some malicious criminal just because I'm posting a useable application online. What ever happened to the sandbox model? Isn't that supposed to stop malicious programs from doing bad things?

Is Oracle ever going to get it's act together and restore Java to it's once promising role as a cloud based application provider, I should I just resign myself to Java client programming sliding further into irrelevancy?
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The problem is that the sandbox was never 100% secure, and that despite a great many security fixes by Sun and Oracle especially during the Java 6 and 7 lifetimes, it continues to be porous. I think it has come to point where it's accepted -e.g. by browser vendors- that it will continue to be so, just like Flash/Flex is, and that warnings and prevention need to be tougher to protect users.

I think that -despite the efforts around JavaFX- client-side Java is doomed, and that HTML5 is the way to go for cross-platform applications, with the added benefit of also making it easier to target mobile devices. Server-side Java is still in a prominent position for supplying cloud-based applications - just not the GUI, as was once envisioned.
 
Ranch Hand
Posts: 10198
3
Mac PPC Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Mark McKay wrote:One of the reasons I got into Java programming way back when was the promise of developing client applications that people around the world could use in a web browser. First there were applets, and then webstart, and for a while things were great. But then Flash took over much of the rich interactive UI stuff while Java has steadily been buried under layer after layer of security restrictions.

Today when I go to a webpage that embeds a simple applet (like a graph viewer), I am greeted with a grey box saying that the Java plugin has been disabled. If I want to use it at all, I have to open my Control Panel, run the Java security manager and manually enter the domain name and then refresh the webpage. Even after that I get a ton of warning messages about how it is not secure and 'are you really sure you want to run this'? And then there's that little yellow triangle with the exclamation mark that appears to the upper right of every Frame or Dialog, just to perpetually remind you that you're in danger every moment you're interacting with the app.

Only a technically savvy user who really wants to use my software will make it through this gauntlet. Frankly, the whole thing does to Java what those warnings on cigarette packages do to smoking. No casual browser is going to want to use it. And I resent the implication that I am some malicious criminal just because I'm posting a useable application online. What ever happened to the sandbox model? Isn't that supposed to stop malicious programs from doing bad things?

Is Oracle ever going to get it's act together and restore Java to it's once promising role as a cloud based application provider, I should I just resign myself to Java client programming sliding further into irrelevancy?



Those days of tech centric UI is gone. The emphasis is on using a UI technology that is capable of communicating with a wide variety of backend server systems. In my experience, Java was never kind enough at native UI frameworks like we have for .NET. There was a hype around Java FX, but to me it resembles an API like Java Swing and Java Swing is already doomed. In that sens what Ulf points out is probably the best choice - HTML5!
 
Rancher
Posts: 2759
32
Eclipse IDE Spring Tomcat Server
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The promise of java being the platform that people would build client side apps that would run everywhere has been dead for 10 years now. You are realizing this just now? HTML and JavaScript are powerful enough to build a rich interactive UI on.
 
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Mark McKay wrote:Only a technically savvy user who really wants to use my software will make it through this gauntlet. Frankly, the whole thing does to Java what those warnings on cigarette packages do to smoking.

It was missed attention of Sun's staff when there was new emerging technology at hand - the J2EE. And now the situation is the same - Oracle is gaining profit from mature enterprise market while missing the background - the cloud computing and virtualization stuff. It's a critical point now, when even enterprise market can slide in the position of Java applets. And the solution for Oracle is Java presence in the cloud and virtual computing. It seems impossible to prevent sliding without Java OS, which can provide a sound base for Java in the new field. But what the Oracle will do - who knows ...
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I wouldn't say client-side Java didn't get enough attention - the transition of AWT from Java 1.0 to 1.1, and then from AWT to Swing were big projects. But Sun/Oracle don't have unlimited resources, and at some point it made sense to let Swing stagnate since the battle for both the desktop GUI and the rich web GUI were not longer winnable. (Given that, I'm actually amazed that so much effort was put into JavaFX, but that's a different discussion.) Adobe had (and has) much more at stake with Flash/Flex, and so far they haven't managed to make their web platform secure, either.

I find the point about enterprise markets going the way of applets unconvincing. From a JEE viewpoint it doesn't matter much whether enterprise apps are run within a company data center, or in some form of hosted environment (which includes cloud or virtual). And I don't think a Java OS will help much with enterprise Java, although it would open up some intriguing possibilities for client-side Java, but that, too, is an entirely different discussion.
 
author & internet detective
Posts: 41860
908
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My understanding was that if you have a trusted certificate on your applet, users don't get that prompt. See screenshot in Java docs. The problem being that almost all applets were written before Java added that and don't have a certificate. Or the desire to add one. (like the cattle drive here.)
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The problem is that most applets are not-for-profit works, so presumably the author would at best add a self-signed certificate (which is the only free one available). And that counts as non-trusted until the user adds it to the trusted list, so at least initially the user will still see a scary warning.

This whole scheme doesn't make sense - adding a certificate gives the applet access to the entire computer, which is not what the applet wants or needs. Thus I think it makes the overall security weaker instead of stronger.
 
Alexey Bezrodnov
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:From a JEE viewpoint it doesn't matter much whether enterprise apps are run within a company data center, or in some form of hosted environment

Of course, from the applet point of view there is no difference between the web of 199x and the contemporary web - both provide just the same execution environment. But something tells me that the applet's view is absoltely wrong.

Only some strong efforts can prevent JEE environment from sliding in the same direction as was the case with applets. And the base for such efforts is Java OS.
reply
    Bookmark Topic Watch Topic
  • New Topic