Idea Details

JRE1.8 support

Last activity 06-13-2019 09:55 AM
Anon Anon's profile image
11-05-2014 12:14 AM

SiteMinder can use JRE 1.7.


But, JRE existent version is 1.8.


I hope to support JRE 1.8.


09-23-2016 05:24 PM

Java 1.8 support for the Red Hat version of CA SSO Policy Server is now available.  Please see the announcement here:

06-11-2015 08:17 AM

so ccording to herb we have  to buy oracle's extended java support  and nothing further will be done.



ill just respond by dinging CA on ALL surveysgoing forward. ill give my tech proper credit, since i have  one dedicated one due to my company's contract  and  he's good he'll get 10s, but all CA questions will get 0s

0s until this is supported across the board.

06-04-2015 04:47 PM

We get "dinged" by security because of stale Java versions related to CA products all of the time. It does get a bit embarrassing when we have to explain to security that our security suite doesn't support the more up to date (and hopefully more secure) versions of Java.

05-28-2015 07:38 AM

did you just state you expect us to buy extended support for java?

did oracle pay you?


I know that Todd McCartney called to discuss this with me, and that you likely responded from his  asking you, but this just shows a complete lack of understanding of the community's concern.


i will hold off commenting further because i feel like im still in  shock, days after the initial read, at how absurd that is  and how off the mark you are.

05-26-2015 09:58 AM

"As outlined in the Oracle JDK Support Roadmap, after April 2015, Oracle will not post further updates of Java SE 7 to its public download sites. Customers who need continued access to critical bug fixes and security fixes as well as general maintenance for Java SE 7 or older versions can get long term support through Oracle Java SE Support."


"Long Term Support

Customers who need continued access to critical bug fixes and security fixes as well as general maintenance for Java SE 7 or older versions can get long term support through Oracle Java SE Support."



So, for many years with extended support license from Oracle is what I have gathered. So what about folks who don't have that? Guess they would be out of luck. And if customers have to keep an eye on buying extended licensing for any product that CA relies on (OS, Java, etc), instead of general mainstream support, that just further adds to the cost of owning the CA product versus another that stays up to date with general availability; so no matter how it is spun, there is no benefit to the customers here except those who may already have extended support for said Oracle product (some may not have at all and others different licensing model from Oracle [what happens when that might change?]).


Now of course many may already have extended support from Oracle for products; but it's not guaranteed and is just an additional cost if there's no other reason for it except to use the CA products which don't support newer general availability versions.


If CA expects its customers to have extended licensing for components such as this, it would be better to bundle in the necessary Java functionality and use some extended support agreement between CA and Oracle to ensure bug-fixes and security updates in its product (if possible); instead of having customers needing to ensure they get all the necessary extended support for all the 'pieces'. That would limit the amount of extra licensing necessary by your customers. Not sure about others, but I would have no problem with that so long as CA kept up to date with necessary security fixes in the specific version of Java being leveraged.


Without that, I would expect any product I use to keep up to date with the mainstream support lifecycles of any components it relies on - or uncouple itself from those as to not have such a dependency if it cannot do so.

05-22-2015 03:53 PM

Hi,  I believe there may be a bit of a misperception in this thread that is worth providing additional data around.  Oracle will continue to support and build fixes for Java 1.7 for many years.



You can find that here:



(Updated December 19, 2014)


Oracle provides this updated roadmap for Javac SE and Oracle Java SE products (Oracle Java SE Support, Oracle Java SE Advanced, Oracle Java SE Advanced Desktop and Oracle Java SE Suite) to help customers better understand the maintenance and support options available. Java SE major releases are publicly maintained for a minimum of 3 years from general availability date (GA date), or later, as described in the next section. Java SE releases are updated for the public with bug fixes, security fixes, and minor updates for a period of at least 3 years before the release reaches end-of-public-updates (EoPU). Oracle Java SE product releases - starting with Java SE 7 - are supported for no less than eleven (11) years from initial release date, enabling IT managers and ISVs to plan their upgrades according to their individual business practices. The following provides a more detailed review of the Java SE products support roadmap, along with examples specific to available major releases. All customers should refer to their specific service contract to determine their support entitlement. See the Oracle Lifetime Support Policies for complete details.



  Customers who need continued access to critical bug fixes and security fixes as well as general maintenance for Java SE 7 or older versions can get long term support through Oracle Java SE Support.



CA will deliver support for Java 1.8, but some of the capabilities in Java 1.7 have been deprecated in 1.8 and that will required code changes in future CA SSO  releases to enable support for 1.8.  More details will be provided as that work progresses. 

05-08-2015 09:30 AM

what's the latest Status?

04-27-2015 11:21 AM



i think that's being optimistic.


to quote Herb

Support for Java 1.8 within the Admin UI will be offered in the next release under development now.   Broadening support across other components will follow

04-27-2015 11:16 AM

It sounds like Java 1.8 support will be in the next release of product. Could you confirm which release will have this support? We are about to upgrade to 12.52 SP1.

04-27-2015 09:21 AM



i love how that was not announced or any other signs of planning until the ides of April.


Any chance you can give us timelines for other pieces?

or do we need an ER for each one and the JDK?



04-13-2015 10:43 AM


Java is used in a number of different components across the product.  We would like to offer support as quickly as possible.  Support for Java 1.8 within the Admin UI will be offered in the next release under development now.   Broadening support across other components will follow.  The specific dates for support are not yet ready to be communicated, but we will be providing support.  As more information can be shared we will update this idea as one path of our communication around this topic.


04-08-2015 04:28 PM

another visibility bump

04-08-2015 12:42 PM



I haven't heard any news yet. Maybe we should ask for a way to contact Herb and Shawn, the two Product Managers, so that we may all email them.

I doubt CA would post the email addresses...



04-07-2015 12:02 PM

Any news yet from any CA rep? Would be nice if there was some response to the customers here instead of leaving us out in the cold.

04-06-2015 08:10 AM

it's april now. where's the "CA SiteMinder / CA SSO will support Oracle Java 1.8 as of version r12.5x due  out in <Month> later this year"


i expect 12.53.

i hope <Month> is April or May but i know that's unlikely

04-02-2015 03:52 PM

bump of the bump...I think they're just gonna ignore us O_o.


Here's hoping it's in the works and just nobody is replying online here. Of course since we can't open enhancement request tickets anymore this is only place we got.


Just hope security doesn't start yelling at us in the next couple months when vulnerabilities crop up that can't be addressed. As j_possel mentioned, worst case in a high severity issue would be pulling the plug on the application until fixed/mitigated, which would really suck. Guess if they pulled it on SiteMinder we could all just open Sev 1 tickets and force 24x7 assistance until it's fixed

04-01-2015 10:47 AM

random visibility bump.

03-30-2015 03:46 PM

does this version only relate to SiteMinder?

03-30-2015 08:34 AM

random visibility bump.

03-27-2015 12:03 PM

At this point I believe that it is critical that CA addresses the upcoming Java 1.7 end of life. At a minimum, a target release date needs to be communicated so we can make plans to get off of the current version.   It would be rather embarrassing, for all of us, if we were forced to shut down SiteMinder due to a vulnerability associated with an unsupported version of Java.  I hope this would never happen, however the risk will increase the longer we are forced to use an unsupported version of Java. 

03-27-2015 06:50 AM

java 8 is the latest java on which all the application are switching to.Java 7 will be out of support soon but still siteminder is using java 1.6 x .

Is there any plan to move to some higher version of java as per support .

03-25-2015 01:55 PM

Guess there's still no official response ....come on, even a road map? Like due out summer-time or next year would be helpful.

03-25-2015 07:03 AM

Not supporting current versions of Java (or OSes for that matter) kill SiteMinder and CA when competing against other products/companies.

03-24-2015 09:58 AM

random visibility bump.

03-23-2015 11:39 AM

random visibility bump.

03-20-2015 03:18 PM



We should recruit people on here from all over. starting Monday, if we can organize it, have  people add a reply at specified  intervals. does every 6hours sound  good? or should we be more aggressive? every 4? every 3?


i'm thinking  if we start at 00:00 zulu and have the added comment simply be "xx00 zulu bump" we'll take a few days to get it either by annoying the forums team into talking them into  planning it, or by having someone realize they are a security product with a reliance on another product, and ironically do not regularly incorporate security updates to said product they are dependent upon.


gotta love the irony.....

03-20-2015 11:44 AM

Yep, sounds like a plan. Guess we can have them trickle in one at a time so it'll regularly get bumped up

03-20-2015 11:05 AM

Pretty sure our only option is to vote this up and have our entire teams log in and vote it up.

maybe post to it daily so they see it on the list all the time.

03-20-2015 11:02 AM

Wish they'd respond to this one with at least some road map dates. Security beats up on us to keep current with patches and fixes but product seems to lag behind for being a security tool of all things. 1.7 family is pretty much dead and 1.8 is still not supported even after being out for a year.

03-20-2015 10:57 AM

If selected (why its not yet planned is beyond me) they should  also do JDK 1.8


i mean, did CA not read


clearly stated on "(Updated December 19, 2014)" that " after April 2015, Oracle will not post further updates of Java SE 7 "


we're nearly at April 2015. for security reasons i would hope CA will release a 1.8 series certified PS and such during the month of April 2015

02-26-2015 08:58 AM

HA. No, I didn’t realize you weren’t there anymore. Now your comments make more sense. We are constantly being dinged by our security compliance area about being on a very old version of Java (still on 12.0, so using 1.6) on our federation and policy servers. I am guessing 1.8 won’t be support until the next major release.

02-26-2015 07:50 AM

Erm, I think you don't realize I haven't been @ CA for a while now.


What I know from being there is that the Federation and some other API related items are tied very closely to the version of Java. the security redesigns that normally make the major version changes prevent that functionality.


Because CA does not keep on top of that we, their clients, have to request something they, as another security company, should be making compatible asap by default without said requirement.

02-26-2015 07:33 AM

Are you saying CA DOES support Java 1.8 on the current version of Siteminder (12.52.SP1 CR1) and CA has not posted this to the support matrix? Or are you saying CA hasn't posted the reason why CA has not kept on top supporting current releases of Java?

11-18-2014 11:48 AM

This is something CA has not  kept on top of. As Java redesigns  for enhanced security requiring new major versions, we will need to post these =o/