Web Access Management (WAM): SSL and HTTPS

The proxy rewrite method works with HTTPS sites. Your organization must set up SSL on your system in order for this to work. For more information, see SSL Overview.

Currently, Web Access Management works with HTTP and HTTPS. Telnet, gopher, Z39.50 and other protocols are not supported.

Browser certificate mismatch error messages

The proxy rewrite method enables the Millennium server to act as a proxy server for patron browsers. This method uses rewritten URLs. These rewritten URLs cause browsers to issue a security warning to the user because of a mismatch between the domain name on the security certificate and what the browser interprets as the domain name in the rewritten URL. The proxy rewrite method is central to the functionality of Web Access Management, and the functionality of the product is not affected by this browser behavior.

Browser responses

  • Firefox 3.0 and above: Gives a message that has the title "Secure Connection Failed", and a link "Or you can add an exception..." at the bottom. The problem is fixed when you click on this link, and then follow the steps: Add Exception... | Get Certificate | Confirm Security Exception.
  • Internet Explorer 6.0 and below: Gives an explanatory certificate mismatch warning message which the user can click through.
  • Internet Explorer 7.0 and above: Gives a message that has the title "There is a problem with this website's security certificate". You can go through by clicking on the link "Continue to this website (not recommended)".

While this is the expected behavior of the product, we do understand that some patrons may feel uneasy at receiving a security warning. There is a way to disable the warning in Internet Explorer on an individual browser, by unchecking the "warn about certificate address mismatch" option in the Advanced Tab of the Security settings in Internet Options.

Additionally, some Innovative customers have found a solution for this security warning by implementing a SAN (Subject Alternative Name) certificate (also known as a 'UC' certificate, e.g., Unified Communications certificate). A SAN certificate allows multiple domain names to use the same certificate. Unlike a wildcard certificate, the domains do not need to contain the same number of nodes. For more information on SAN certificates, please contact your certificate vendor. The Innovative Users Group (IUG) listserv is also a source for information about vendors that other customers have used.

Vendor databases requiring logins and passwords

Web Access Management works with vendors who provide IP-based access to their databases. It is possible for Web Access Management to work with databases that require logins and passwords; however, the library must set up or manage scripts to do the login. Many libraries use CGI scripts to do this, but Innovative does not provide information on or support for these scripts.

Return to Set up and use Web Access Management

Last updated: Thursday, October 13, 2011

Full-Text Search

Topic Pages