Technical Notes

You can configure Reflection for the Web to display the LDAP username in the metering reports when using LDAP authentication and authorization. By default, the metering reports use the system logon username. To enable this option, edit the ReflectionData/properties/server.properties file and add the following line:

The following national character sets were added:

Euro support for other national character sets has been added.

Note: If you have earlier versions of the product using a standard national character set with a manually modified character for the Euro symbol, you must select the new national character set that includes the Euro symbol.

The FTP Options dialog box previously had three options for file transfer if the file already exists: Ask user, Skip, or Overwrite. An additional option, Append, is now available. When you select the Append option, the contents of the file being sent will be appended to the file that already exists.

For Internet Explorer users who have installed the cumulative security update described in Microsoft security bulletin MS06-13 (http://support.microsoft.com/kb/912812/), Service Pack 1 includes changes that allow users to interact with Reflection for the Web applets without requiring the user to click the applet to first activate it.

The ability to enable or disable client CRL (Certificate Revocation List) checking has been added. Use the applet parameter enableCRL to modify the setting. CRL checking is turned off (value = false) by default. You must set the applet parameter to true for a terminal session to enable the CRL checking on the TLS server certificate chain in an SSL/TLS connection.

The ability to enable or disable CRL checking on the proxy server has been added. To enable the CRL checking on the proxy server, the proxy property enableCRL must be set to true. You must modify the server.properties file (/securityproxy/conf/server.properties) manually on the security proxy server to change the setting from false (the default) to true.

This release includes Public Key Infrastructure (PKI) support for certificate revocation lists (CRLs), certificate policy extensions and policy constraints, and the ability to import certificate chains and to construct automatic certificate chains. It also includes strict United States Department of Defense PKI, including enforcement of a single certificate authority (CA) for CRLs and certificates.

IND$FILE file transfer to CMS and TSO now displays the files on the host. Drag and drop selection of files is now available for IBM mainframes using IND$FILE on CMS and TSO, and CICS system. A Java 2 VM is required for drag and drop support.

You can use SFTP when you need encrypted communications between a trusted host and your PC. This Secure Shell (SSH) FTP protocol is available in the FTP client sessions and within emulation sessions when FTP is enabled.

You can now map light pen functionality, macros, and keyboard actions to mouse triggers.

In IBM 3270 and 5250 sessions, you can enable the display of operation and status messages in the Operator Information Area (OIA) at the bottom of the terminal window.

In IBM 3270 and 5250 sessions, you can configure the cursor ruler as a vertical line, horizontal line, or crosshair lines that intersect where the cursor is located.

In an IBM 5250 session, you can configure Kerberos automatic sign-on for an IBM iSeries host.