Technically their system does accept connections from Server 2003 at this time. The concern is that they are saying that the requirements will change but cannot tell me what they will be.
Talking to the vendors technical people is what I attempted from the beginning, The last guy I talked to told me the certificate was what controls whether or not a connection is allowed. He could not give me any specifics of what would or would not be acceptable in the future as it "was out of his hands." That is really what gave me the idea that perhaps they simply attempt an SSL connection. The White/Black list approach is what I had expected. Since their tech people can't tell me the criteria it seems unlikely that they are using that approach. I had hoped to get a clear answer so there will be no surprises later but with the apparent level of understanding in their technical department I am inclined to believe they have someone else managing that aspect of their code. I will simply assume that they will handle things in a reasonable matter. If they ultimately lock out the Terminal Services approach we will need to invest in a W7 or 8 laptop just for that application. Thanks again, Joe On Wed, Aug 6, 2014 at 5:22 PM, Ted Roche <[email protected]> wrote: > On Wed, Aug 6, 2014 at 2:58 PM, Joe Yoder <[email protected]> wrote: > > > > When I viewed source at the sign in > > page of the GFS.com site I found no reference to userAgent. > > > Yeah, you wouldn't see it there. The login form submits the user ID and > password to the application (a JSP app called autologin) which is likely > where the processing takes place. You can't see this code in your browser; > it's part of their backend web application. > > > > I realize that > > I probably need to learn a lot more before I can be sure that the > > application is not looking at the userAgent information but wonder if I > am > > even looking for the right thing. > > > > - Is it possible that the application simply attempts an SSL > connection > > and throws a "Browser/Operating System not supported" message if none > > can > > be established? > > > > It's possible, certainly. It's a known variant of Murphy's Law that > "anything a programmer can do wrong, a programmer has done wrong." > > This could be a case where the programmers have a "white list" of known > browser versions, types and characteristics, and your browser isn't meeting > their criteria. Or a blacklist of forbidden versions, which yours might > be. > > Besides the "user agent" string, there are a number of other properties > passed back and forth about what the browser will and will not accept and > what the server is capable of sending, and it's possible your browsers > don't meet those criteria. Perhaps Java is required and is disabled on the > server, or the version of the browser you are using on the server isn't up > to snuff. > > > > > - Is there a valid reason that an application should refuse a > connection > > from a Terminal Services session if the browser in that session > supports > > the appropriate SSL connection? > > > > I can't think of one off the top of my head, as I've never tried such an... > inventive solution. However, it's pretty much up to the client what they > want to do with their web site. In the middle of the bad-old browser wars, > I offered a client a significant discount for an in-house app if they > agreed to only run it in Firefox, as it eliminated a lot of tedious > testing. > > My suggestion is to contact the vendor and find out if you can talk to > someone on the technical staff about their specific requirements. > > > > -- > Ted Roche > Ted Roche & Associates, LLC > http://www.tedroche.com > > > --- StripMime Report -- processed MIME parts --- > multipart/alternative > text/plain (text body -- kept) > text/html > --- > [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/CABQeDnW9ZU+XoAtS=NNXrNyq0mfKi7kTk=m6mazlqest6ku...@mail.gmail.com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
