Hi Bonnie- I got an eye-opening glimpse into your world at the Redmond Identify Summit this year.
Saw a fantastic presentation about the challenges and an eventual Identity as a Service Solution in the cloud that was concocted for the Tennessee DOE. They came up with an astonishing solution to a very complex problem with all the disconnected districts and entities, regulations, privacy concerns etc. I talked to one of the principals at length and one of the takeaways was that it wasn't so much about money as the disconnected landscape and all the crazy hoops that needed to be jumped through creating mass inefficiencies. Presentation is online here if interested- http://oxfordcomputergroup.com/us/wp-content/uploads/sites/3/2015/01/Case-Study-Tennessee-Department-of-Education-FINAL.pdf -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Miller Bonnie L. Sent: Thursday, April 02, 2015 1:51 PM To: [email protected] Subject: RE: [NTSysADM] RE: Java and proxy.pac Wow, thanks Ben--I will be looking at this again tomorrow--this is good stuff. Sorry for the edu-speak... "Once our Server applications analyst ... has the rights to receipt printing in our SIS ..." means the guy who has the rights to run the problem Java applet to test is on a well-deserved vacation right now =) SIS = Student Information System. Most US school districts have one, either internal or hosted, and rights are locked down according to various state and federal laws as it has all sorts of data on the students and staff. I don't actually even have a logon to it, and I don't need one for my job. The applet that prints receipts for things (like paying for your ASB card) is what we have repro'd the problem with. -B -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ben Scott Sent: Thursday, April 2, 2015 10:52 AM To: [email protected] Subject: Re: [NTSysADM] RE: Java and proxy.pac On Wed, Apr 1, 2015 at 12:27 PM, Miller Bonnie L. <[email protected]> wrote: > Once our Server applications analyst ... has the rights to receipt > printing in our SIS ... I don't know what that means. :-) > I did see something about the space chars and tried going through the > file to make sure there weren't any tabs, etc ... Notepad++ ... You can do a search for \t with the Search Mode set to Extended to find all tabs. But our PAC script is full of tabs and works with Java. An unprintable but weird character (like a CTRL+G or something) might cause Java to puke, though. Try telling Notepad++ to "Show all characters" and look for anything that's not space (middle dot), tab (arrow), or end-of-line. Also make sure the end-of-line is consistent (if using CR+LF, it should be CR+LF everywhere). > On the MIME types, is there something that needs to be added/defined > for the .pac file type? The web server should return the PAC script with a Content-Type of "application/x-ns-proxy-autoconfig". This is typically accomplished by telling the server that any file ending in ".pac" has that type. I don't know if recent versions of IIS define it that way out of the box. In the past, I know you had to tell it manually. Some clients care about MIME types for the PAC script, others do not. Java may care, so this is worth checking. You can see what your web server is doing with a decent Telnet or TCP client. (Unfortunately bugs in the Microsoft Telnet client make it a bad choice for this.) PuTTY works well in RAW mode, or use a *nix Telnet client if you have one. Then connect to the web server on port 80, and type the following at the web server: HEAD /path/to/proxy.pac HTTP/1.1 Host: https://urldefense.proofpoint.com/v2/url?u=http-3A__web.server.name.example.com&d=AwIGaQ&c=hLS_V_MyRCwXDjNCFvC1XhVzdhW2dOtrP9xQj43rEYI&r=TA_mjBT8bS0r8rLrnubGjA&m=OWZLRZh-9NV5TjZT2St1jDgZTY-y5ChwTR-oLYlw7Jg&s=lv-MXsi3ld1snYrBAh5b8Ch9dfWKmGECIvAwdS_mBqo&e= Make you press ENTER twice after the "Host" header. You should get the HTTP headers back for the proxy script. Look for "Content-Type". If it's not "application/x-ns-proxy-autoconfig" you have a problem. -- Ben PG&E is committed to protecting our customers' privacy. To learn more, please visit http://www.pge.com/about/company/privacy/customer/
