You can petition the professor (and loop in whoever is responsible for IT security, and work your way up the university bureaucracy as needed, pointing out that Java browser plugins are insecure and the university is putting student data and university network infrastructure at risk by requiring them to be enabled. Far better cause than most of the things I saw student petitions about, and a lot of those were addressed anyhow.
For the record, I completed my Bachelors in Computer Engineering in 2010, in the US. I never once needed a Java web plugin. I don't know how "widely used" it was back then, much less today, but it certainly wasn't required.
Admittedly, universities are... lets say "not the most security-conscious" of environments. But I still say there's no excuse for ongoing use of Java (and it does put student and university machines at risk). It's really not actually required in the academic world, and there *are* alternatives.