Sealed Media for protected documents
- From: "Jenifer M. Nech" <Jenifer.Nech@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 30 Mar 2004 15:37:36 -0600
My users are unable to open any Adobe pdfs from Harvard Business
http://www.hbsp.com
Upon further investigation I find the product from
http://www.sealedmedia.com needs to connect to a server and exchange
data. I can't get any help from the companies. They say to talk to the
system administrator....
Harvard business sent me this but I could not figure out what to change
on ISA to allow this comunication.
Any help out there for me?
1 Access to the License Server public port: Typically, a License Server
will be configured to listen on port 80, as this is a common port to
which most clients have access. The port that your server uses will be
shown in the Self-Test window. You should confirm that your firewall or
proxy servers allows a client TCP access to your License Server's
external port.
2 User-Agent string: The first two Self-Tests use Internet Explorer to
make the requests. The third request carries the User-Agent of the
Unsealer itself, which is User-Agent: SoftSEAL. Some proxies deny
traffic based on the User Agent string; frequently, they only allow
known clients. In this case, the first two tests (which appear to come
from IE) pass, but the third (using an unknown
User-Agent) fails. If your proxy performs this blocking, you will need
to add "SoftSEAL" as a trusted User Agent.
3 Content Type: Some proxies and firewalls deny traffic based on the
"Content-Type" field in the HTTP header. The Content-Type for the first
Self-Test request depends on the webserver and the URL defined for the
Default URL. Generally, it will be "text/html".
The second and third requests are made to the license server, which in
both instances returns a content type of Content-Type:
application/octet-stream. This is a common Content-Type for web traffic,
referring to binary data. However, because it is binary, some proxies
will be configured to disallow it on the chance that such packets may
contain a virus or similar executable data. This Content-Type must be
allowed if sealed content is to be viewed. (Note that sealed content
does not contain any executable data.)
4 HTML analysis: Some proxy servers deny traffic based upon an
examination of HTML carried in the HTTP packets. Such proxies may deem
the SealedMedia protocol to be invalid and therefore deny the traffic.
You need to configure such a proxy to allow messages containing the SEAL
protocol to pass.
In summary, for successful communication between the Unsealer and the
License Server there should be the ability to create a TCP connection
from the Unsealer out to the server over the port the license server has
been configured on. This communication uses HTTP packets with the
SealedMedia protocol tunneled inside; therefore, any network device
which monitors this traffic should be configured to allow such packets.
We are committed to enabling you to obtain and maintain health and
wellness naturally.
_______________________________
Jenifer Nech, Systems Analyst
Hotze Health & Wellness Center
Physicians Preference, Inc.
Premier Pharmacy, Inc.
281-579-3600 Ext 249
Other related posts:
