To configure HTTP protection measures you must create or edit the locked.properties file in the SSL gateway configuration folder on the Connection Server or security server instance.
For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties
- Use the following syntax to configure a property in locked.properties:
myProperty = newValue
- The property name is always case-sensitive and the value might be case-sensitive. Whitespace around the = sign is optional.
- For CORS and CSP properties, it is possible to set service-specific values as well as a master value. For example, the admin service is responsible for handling Horizon Administrator requests, and a property can be set for this service without affecting other services by appending -admin after the property name.
myProperty-admin = newValueForAdmin
- If both a master value and a service-specific value are specified, then the service-specific value applies to the named service, and the master value applies to all other services. The sole exception to this is the special value "OFF". If the master value for a property is set to "OFF", then all service-specific values for this property are ignored.
myProperty = OFF myProperty-admin = newValueForAdmin ; ignored
- Some properties can accept a list of values.
To set a single value, enter the following property:
myProperty = newValue myProperty-admin = newValueForAdmin
To set multiple values for a property that accepts list values, you can specify each value on a separate line:
myProperty.1 = newValue1 myProperty.2 = newValue2 myProperty-admin.1 = newValueForAdmin1 myProperty-admin.2 = newValueForAdmin2
- To determine the correct service name to use when making a service-specific configuration, look in the debug logs for lines containing the following sequence:
(ajp:admin:Request21) Request from abc.def.com/10.20.30.40: GET /admin/In this example, the service name is admin. You can use the following typical service names:
- admin for Horizon Administrator
- newadmin for Horizon Console
- broker for Connection Server
- docroot for Local file serving
- portal for HTML Access
- saml for SAML communication (vIDM)
- tunnel for Secure Tunnel
- view-vlsi for View API
- misc for Other