There are a number of possible solutions depending on budgets and complexity, and also number of users who need this.
You could, for example, set up a terminal server and run the app under terminal services so that you can lock down the environment and keep it sandboxed so that no malware can reach the terminal server.
If you are running Win 7 business or ultimate editions, you could place the application and Java environment into "XP Mode" so that it runs in a virtual machine environment on the user workstations. This VM could also be locked down to minimise infection risks.
Finally, you could run the app as a virtual app using Symantec Workspace Virtualisation, so that the app and its Java Runtime are hosted in their own virtual layer. Apps in a virtual layer can interact with the base operating system but you do have control over the level of interaction, and you can also reset the virtual layer to the just-installed state as and when required, to get rid of any content that has been added since the layer was installed.
The problems caused by apps needing specific versions of the Java runtime is not uncommon and therefore many corporates have had to go down a virtualised or terminal services route to support multiple runtime versions concurrently.
The problem you appear to have is caused by users having too much internet access and insufficient lockdown, and your proxy server allowing too much content through, as you have had to spend so much time clearing up malware in the past. You may not have the authority to restrict this, but has anyone analysed the support cost of allowing such free access to the internet?