To configure HTTP protection measures you must create or edit the locked.properties file in the SSL gateway configuration folder on the Connection Server or security server instance.
For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties
Use the following syntax to configure a property in locked.properties:
myProperty = newValue
The property name is always case-sensitive and the value might be case-sensitive. Whitespace around the = sign is optional.
For CORS and CSP properties, it is possible to set service-specific values as well as a master value. For example, the admin service is responsible for handling Horizon Administrator requests, and a property can be set for this service without affecting other services by appending -admin after the property name.
myProperty-admin = newValueForAdmin
If both a master value and a service-specific value are specified, then the service-specific value applies to the named service, and the master value applies to all other services. The sole exception to this is the special value "OFF". If the master value for a property is set to "OFF", then all service-specific values for this property are ignored.
myProperty = OFF myProperty-admin = newValueForAdmin ; ignored
Some properties can accept a list of values.
To set a single value, enter the following property:
myProperty = newValue myProperty-admin = newValueForAdmin
To set multiple values for a property that accepts list values, you can specify each value on a separate line:
myProperty.1 = newValue1 myProperty.2 = newValue2 myProperty-admin.1 = newValueForAdmin1 myProperty-admin.2 = newValueForAdmin2
To determine the correct service name to use when making a service-specific configuration, look in the debug logs for lines containing the following sequence:
(ajp:admin:Request21) Request from abc.def.com/10.20.30.40: GET /admin/
In this example, the service name is admin. You can use the following typical service names:
admin for Horizon Administrator
newadmin for Horizon Console
broker for Connection Server
docroot for Local file serving
portal for HTML Access
saml for SAML communication (vIDM)
tunnel for Secure Tunnel
view-vlsi for View API
misc for Other