Security problems when trying to access Staging from outside IT Services

[GoogleCodeExporter]

What is the expected output? What do you see instead?
Last week (2015-01-12) I tried to give a demo of the ORDS while using an OWL 
visitor login at the Maths Institute. When I tried to load the Staging version 
using Firefox, I got a security warning, and it wouldn't let me continue to the 
site (as I was trying to demonstrate the system, I didn't have a chance to note 
down the details, but I remember that it told me that the problem was one where 
I couldn't add an exception for this site). IE also gave me a security warning, 
but let me ignore it - but although I could load and log in to the ORDS, the 
functionality was significantly impaired (though I'm not sure if this was 
because of the security issue, or other problems with IE).

I did eventually get the demo working in App, which gave me no security 
warnings or other problems.

Please use labels and text to provide additional information.

Original issue reported on code.google.com by meriel.p...@gmail.com on 19 Jan 2015 at 1:05

[GoogleCodeExporter]

I had a look at the logs.
The logs suggest you were able to connect to staging starting 19:30 using 
firefox.
You then used app from 20:17 to 21:09.

What am I missing?

Original comment by kristian...@gmail.com on 19 Jan 2015 at 3:06

[GoogleCodeExporter]

That's very odd... As far as I remember, I couldn't even get the login screen 
for Staging to load in Firefox. I did manage to log in to Staging using IE - 
does that show up in the logs?

Original comment by meriel.p...@gmail.com on 19 Jan 2015 at 4:06

[GoogleCodeExporter]

Not exactly, but the user-agent is a bit weird (looks like an old compatibility 
mode):
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; 
.NET CLR 2.0.50727; . NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 
6.0; InfoPath.3)

On app we got his:
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0

Original comment by kristian...@gmail.com on 19 Jan 2015 at 4:16

[GoogleCodeExporter]

Passing this back to Meriel.

Any more occurrences of this?

Original comment by jajwil...@gmail.com on 26 Jan 2015 at 4:09

[GoogleCodeExporter]

I was sure I'd added a reply to this issue some time ago, but my comment seems 
to have got lost somewhere.

This hasn't happened again so far, but then I haven't tried to access Staging 
on an unfamiliar laptop from outside IT Services.

How much time and effort is it worth investing in investigating this further? I 
can try taking my netbook over to Maths to see what happens, if that might shed 
further light on the situation. Or is this something we can leave for now and 
deal with if/when something similar occurs again?

Original comment by meriel.p...@gmail.com on 25 Feb 2015 at 11:05

[GoogleCodeExporter]

Probably worth giving it a go before we next try to do a demo! In fact, now I 
think of it, I might try giving a demo tomorrow at the JISC thing.

Original comment by jajwil...@gmail.com on 25 Feb 2015 at 2:40

[GoogleCodeExporter]

I'm out of the office this afternoon, and am not going to have a chance to
take my netbook to Maths to try it there today. However, I've just
successfully logged on to Staging (using both Firefox and Chrome) on my
netbook while connected to WiFi in a cafe. I'm not sure if that reveals
anything helpful, though!

Original comment by meriel.p...@gmail.com on 25 Feb 2015 at 5:24