×
 
 

 

This documentation supports the 19.08 version of Remedy Action Request System.

To view an earlier version, select the version from the Product version menu.

BMC Remedy Action Request System 19.08 ... Administering Security administration

Enabling cross launch to mid tier

When you have Remedy Mid Tier version 18.05 or later, and you want to cross-launch ito mid tier from different applications, the HttpHeaderSecurityFilter filter might block the x-FRAME-OPTIONS header.

To overcome this issue, you can use either of the following options:

  • In the Centralized configuration, set the arsystem.security_iframe_allowfromurls parameter to either Self or URI.
  • From the HttpHeaderSecurityFilter filter in the web.xml file located in the <Install directory>\BMC Software\ARsystem\midtier\WEB-INF folder, modify the ClickJackMode parameter.

The settings in the Centralized configuration takes precedence over the settings in the web.xml file.

To enable cross-launch to mid tier by using Centralized Configuration

Use the arsystem.security_iframe_allowfromurls parameter in the Centralized Configuration. 

Perform the following steps:

  1.  Open AR System Administration > AR System Administration console.
  2. Click System >  General >  Centralized configuration.
  3. From the Components Name field, arsystem.bmc.arsys.midtier component.
    This component is displayed only if you configure the AR System server by using the Centralized Configuration.
  4. From Setting name, select the arsystem.security_iframe_allowfromurls parameter.

  5. Use either the Self or URI option to set the parameter value. 
    The following table describes the options available:

    OptionDescription
    Self (Default) Enables the current site to render the content.
    URI 

    Allows the specified URI to render the page. You can pass multiple URIs.
    The URIs must be space-separated.

    For example: http://www.example.com/http://www.example2.com/

    None Prevents any domain from rendering the content.

To enable mid tier cross-launch by using the web.xml file

To enable mid tier cross-launch, use the ClickJackMode parameter in the web.xml file.

Refer to the following screenshot:


To disable mid tier cross-launch by using the web.xml file

To disable mid tier cross-launch, use the ClickJackEnable parameter using the web.xml file.

Refer to the following screenshot:


Related topic

Security administration



Was this page helpful? Yes No Submitting... Thank you
Last modified by Himanshu Raul on Aug 18, 2020
clickjacking security_header launch_mid_tier cross_launching remedy_mid_tier

Comments

Modifying the permissions of components by using Centralized Configuration
Setting user preferences
© Copyright 1991-2021 BMC Software, Inc. © Copyright 1991-2021 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2021 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.