22.3 enhancements and patches
Review the BMC Helix Single Sign-On 22.3 enhancements and patches for features that will benefit your organization and to understand changes that might impact your users.
Version | SaaS | On premises | Fixed issues | Updates and enhancements |
---|---|---|---|---|
22.3.01 | Known and corrected issues | patch | ||
22.3.00 | Known and corrected issues | release |
BMC applies upgrades as described in the BMC Helix Upgrade policy . BMC applies upgrades and patches during Maintenance windows .
(On premises only) Downloading and installing the patch
See Deploying BMC Helix common services for BMC Helix IT Service Management and Deploying BMC Helix IT Operations Management .
22.3.01
Select between an Adapt-based and old-style user interface for a login page
By default, the Adapt-based login page is displayed to end users when they log in to the integrated BMC application. In the branding settings, the administrator can select the style of the earlier BMC Helix SSO versions. For more information, see Rebranding the end user login page.
Avoid session and token duplication when a tenant is changed in the realm
When you change the value of the Tenant field in the realm, all sessions and tokens of users who are logged in within this realm are invalidated, which enhances security. This feature is available in the general settings of the realm. For more information, see Configuring general settings for a realm.
22.3
Avoid BMC Helix SSO outage when the old certificate expires
Two signing and two encryption certificates are supported in SAML metadata to prevent BMC Helix SSO outage when old certificates expire. To add the additional certificate to your SAML metadata, enable multiple certificate usage and update the metadata templates. For more information, see Setting up tenants.
Hide copyright message on the login page
As a SaaS administrator, you can configure a tenant to not display copyright information on the BMC Helix SSO login page. For more information, see Login and logout experience for end users.
Extract user information for SAML IdP
Configure the SAML IdP to extract information about an authenticated user. It is available to extract such attributes as String, Number and List (presumably of Strings). Use the extracted information to provide BMC Helix SSO-protected applications with additional context about the authenticated user. For information, see Configuring advanced functions for SAML authentication
What else changed in this release
In this release, note the following significant changes in the product behavior:
Update | Product behavior in versions earlier than 22.3 | Product behavior in version 22.3 and later |
---|---|---|
(Version 22.3.01 and later) Session invalidation after a password change | An end user session persists after a password change. Previous scenario:
| An end user session is invalidated after a password change. Updated scenario:
For more information about sessions, see Invalidating and configuring end user sessions. |
Interactive self-help | Interactive self-help is enabled by default. | Interactive self-help is disabled by default. For information about how to change the default behavior, see Configuring settings for BMC Helix SSO administrators. |
(Available for on-premises container deployment only) Enhanced BMC Helix SSO AREA plug-in with an additional validation per tenant | Tenant validation is made according to the configured validation parameters. | To improve the security of a BMC Helix SSO AREA plug-in, you can specify an optional property |
Comments
Log in or register to comment.