This topic provides information about the security enhancements and new features in this release:
You can add an inclusion list of URLs to be redirected to when you log out of the mid tier. To add an inclusion list, add the following property in the <midTierInstallDirectory>/WEB-INF/classes/config.properties file:
BMC Remedy Developer Studio provides the
DECRYPT functions to encrypt and decrypt data in filters and escalations, securing the operations. By default, only the 56-bit DES algorithm is used for encryption, but you can specify the 256-bit AES algorithm for better security. To enable the 256-bit AES algorithm, add the
Workflow-Encryption-Algorithm:x parameter to the ar.cfg or ar.conf file, replacing x with the value that identifies the algorithm:
Workflow-Encryption-Algorithm:1 — Enter 1 to use the 56-bit DES algorithm.
Workflow-Encryption-Algorithm:7 — Enter 7 to use the 256-bit AES algorithm.
This algorithm is applied only when you use
ENCRYPT function in BMC Remedy Developer Studio.
BMC recommends that you use the 256-bit AES algorithm for better security.
You can now restrict BMC Remedy Action Request System (AR System) users from uploading and viewing files with certain extensions in BMC Remedy Mid Tier and BMC Remedy User Tool. This feature helps prevent users from uploading malicious attachments and viewing them. For more information, see Security restrictions on file uploads.