UAG 2010 includes web browser support for both Safari and Firefox browsers running on Macintosh clients with OS X versions 1.3 and higher. The supported Client Components for the above browser/platform combinations are:
Endpoint Session Cleanup
SSL Application Tunneling
The Client Components for these browsers are Java based. When one of these clients makes an initial connection to UAG, a Java Applet is installed that provides the above functionality.
Please see the following Microsoft TechNet article for more information regarding requirements for UAG clients:
However, you may find that some of these clients display the following message when connecting to UAG.
After receiving this message, you might check your browser settings and find that the browser is indeed configured to allow Java Applets. Next, you may want to check the Mac client to verify that a Java Runtime Environment is indeed installed.
One easy method to verify that JRE is installed…and to verify the version…is to run the following command in the Terminal window.
If JRE is installed, you should see output similar to the following:
The above output sample indicates that JRE version 1.6.0.x is installed.
After receiving the above notification, you may choose the “continue” link to go to the UAG login page with “limited site functionality”. Once you reach the portal page, if you select the “System Information” button, you may see information similar to the following:
As you can see, the System Information output clearly indicates that “Endpoint Detection” is not installed and that a “Sun JRE Version” was not detected. This may lead you to believe that there is some problem with your JRE installation and/or your installed version may not be compatible with UAG 2010. However, before coming to this conclusion, please see the following support statement from Apple.
Starting with the Java 2012-004 update in Mac OS X, significant changes have been made regarding the handling of Java. One of those changes is to disable the Java plug-in for those that do not use it…or use it infrequently. To check the status of the plug-in and/or re-enable Java Applet support in Mac OS X, launch “Java Preferences” which is located under Applications-Utilities. In “Java Preferences” make sure that “Enable applet plug-in and Web Start applications” is selected.
After selecting this option, make sure to restart the browser. Now that the Java Applet is enabled, the next time you hit the UAG portal, you will hopefully receive a dialog indicating that an applet is requesting access to your computer. Once you select “Allow” in this dialog, the UAG Java applet will install and should proceed to the UAG login form.
Once you login to the portal, select the “System Information” button again. This time, it should look similar to the following:
Note that “Endpoint Detection” and “Device Session Cleanup” are now enabled and the JRE version is successfully detected.
Richard Barker – Sr Security Support Escalation Engineer, Microsoft CSS Forefront Security Edge Team