Historically, Java has been an application with many security flaws, which modern browsers and related applications have put many measures in place to protect against. Unfortunately, many embedded ampliances, like Qlogic SANbox switches or pre-summer-2016 Supermicro iKVM, use old, insecure Java applets that fail to load properly in these modern browsers due to the very old and unsigned versions of Java applets that they use.
Generally, the most important things to remember are:
- Java 7 allows the "medium" security setting, which allows self-signed Applets to run with exceptions made.
- Java 8 removes the "medium" security setting, but still allows per-URL exceptions to be made, as well as allowing better compatibilty with Internet Explorer.
- It might be easiest and safest to create a Windows virtual machine containing only the old versions and their proper configurations.
Browser compatibility (listed easiest to hardest):
With its final release occuring in 2008, Netscape Navigator actually serves as a great option for Windows users to use Java versions that are also old and insecure. Downloads can be found fairly easily.
As of Firefox version 52 (September 2016), support has ended for most NPAPI plugins, including Java. Consider an older portable version to not disrupt a current, local install of Firefox.
Internet explorer still support ActiveX controls like Java, though it will block it if an old version is detected.
NPAPI support dropped in v45. Due to its modern security and lack of a portable version, Chrome is generally the least-friendly browser for use with Java.