1.  Home
  2. MIDRANGE-L
  3. August 2005

RE: Green screen and network security

Hi Paul,

This message is quite clear. It says HTTP/1.1 is required. That means 
it got HTTP/1.0 protocol. Why? Because either the browser is sending 
HTTP/1.0 or a proxy is changing to HTTP/1.0

aXes Terminal Server (aXesTS) requires HTTP/1.1, many proxy servers
only send HTTP/1.0.
 
The aXes User Guide shows browser settings that should be Set to help
with this situation. See Appendix B and make sure the browser Has both
HTTP/1.1 check boxes ticked. 
(http://www.arterialsoftware.com/download/aXesUserGuide123.pdf)

The aXes Reference Guide also has some info on proxies.
 
aXesW3, aXesDE, and aXesWS will work with either HTTP/1.0 or HTTP/1.1 
but aXesTS requires HTTP/1.1. If the browser is correctly configured to 
use HTTP/1.1 as described above then the problem is entirely due to how 
your proxy is configured. It MUST be configured to allow HTTP/1.1 and it 
must not change the HTTP headers for any aXesTS URL (i.e. anything 
starting with /axests) and it must not cache aXesTS transaction files 
(anything starting with /axests) and it must not ignore no-cache or 
reload headers. 
 
Best of all is to configure the proxy to simply pass aXesTS URLs and 
not try to cache or process them.

A small number of customers have experienced this sort of proxy 
problem. They have all been solved by doing one or more of the 
following: 
 
o Correctly configuring the proxy server to handle HTTP/1.1
o Configuring the proxy server to pass-through aXesTS traffic
o Replacing the proxy server with a better one
o Configuring IE to always use HTTP/1.1
o Configuring IE to bypass the proxy server for aXesTS traffic 

Regards,

Bob

| -----Original Message-----
| From: midrange-l-bounces@xxxxxxxxxxxx 
| [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of 
| pnelson@xxxxxxxxxx
| Sent: Friday, 5 August 2005 10:53 PM
| To: Midrange Systems Technical Discussion
| Subject: RE: Green screen and network security
| 
| 
| 
| Bob,
| 
| Your demo session died with this message:
| 
| 400 Bad Request
| 
| AXS8401 HTTP 1.1 is required for aXesTS.
| 
| 
| 
| --
| 
| Paul Nelson
| Arbor Solutions, Inc.
| 708-670-6978  Cell
| pnelson@xxxxxxxxxx
| 
| 
| 
| 
| -----midrange-l-bounces@xxxxxxxxxxxx wrote: -----
| 
| To: "'Midrange Systems Technical Discussion'" 
| <midrange-l@xxxxxxxxxxxx>
| From: "Bob Moore - Arterial" <Bob.Moore@xxxxxxxxxxxxxxxxxxxx> 
| Sent by: midrange-l-bounces@xxxxxxxxxxxx
| Date: 08/04/2005 08:16PM
| Subject: RE: Green screen and network security
| 
| Hi Kruse,
| 
| Try here http://www.arterialsoftware.com/products/axes_index.html
| 
| - No Telnet or other ports
| - No app changes or source needed
| - SSL or other security options
| (http://www.arterialsoftware.com/products/axes_secure_dep_index.html)
| - No client install
| - Load and go (20 min install and totally web enabled)
| - Optionally batch CPW
| 
| Disclaimer: Of course I have interest in aXes.
| 
| Regards,
| 
| Bob
| 
| 
| 
| | -----Original Message-----
| | From: midrange-l-bounces@xxxxxxxxxxxx 
| | [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Kruse, Kat
| | Sent: Friday, 5 August 2005 4:29 AM
| | To: midrange-l@xxxxxxxxxxxx
| | Subject: Green screen and network security
| |
| |
| | We're having some discussions about what would be the most 
| secure way 
| | to provide users traditional green screen access across a network 
| | while protecting the security of the network.
| |
| | Some ground rules/assumptions are:
| |
| | - Telnet to well know ports (23,25,80) is blocked.
| | - The applications involved can't be changed. (e.g. to make 
| them web 
| | friendly, must be green screen)
| | - Only network security is at issue, once they sign on, the 
| | iSeries/400 takes over.
| | - Would prefer no user side software be installed but, if 
| required, it 
| | should be minimal.
| |
| | Anyone want to jump in with their ideas?
| |
| | Kat Kruse
| | IT Engineer
| | Qualcomm Inc.
| | kkruse@xxxxxxxxxxxx
| |
| | --
| | This is the Midrange Systems Technical Discussion
| | (MIDRANGE-L) mailing list To post a message email: 
| | MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list 
| | options,
| | visit: http://lists.midrange.com/mailman/listinfo/midrange-l
| | or email: MIDRANGE-L-request@xxxxxxxxxxxx
| | Before posting, please take a moment to review the archives at 
| | http://archive.midrange.com/midrange-l.
| |
| |
| |
| 
| --
| This is the Midrange Systems Technical Discussion 
| (MIDRANGE-L) mailing list To post a message email: 
| MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change 
| list options,
| visit: http://lists.midrange.com/mailman/listinfo/midrange-l
| or email: MIDRANGE-L-request@xxxxxxxxxxxx
|  Before posting, please take a moment to review the archives
| at http://archive.midrange.com/midrange-l.
| 
| 
| -- 
| This is the Midrange Systems Technical Discussion 
| (MIDRANGE-L) mailing list To post a message email: 
| MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change 
| list options,
| visit: http://lists.midrange.com/mailman/listinfo/midrange-l
| or email: MIDRANGE-L-request@xxxxxxxxxxxx
| Before posting, please take a moment to review the archives
| at http://archive.midrange.com/midrange-l.
| 
|

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.