To configure HTTP protection measures you must create or edit the locked.properties file in the gateway configuration folder on the Connection Server instance.
For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties
- Use the following syntax to configure a property in locked.properties:
myProperty = newValue
- The property name is always case-sensitive and the value might be case-sensitive. Whitespace around the = sign is optional.
- For CORS and CSP properties, it is possible to set service-specific values and a primary value. For example, the admin service is responsible for handling Horizon console requests, and a property can be set for this service without affecting other services by appending -admin after the property name.
myProperty-admin = newValueForAdmin
- If both a primary value and a service-specific value are specified, then the service-specific value applies to the named service, and the primary value applies to all other services. The sole exception is the special value "OFF". If the primary value for a property is set to "OFF", then all service-specific values for this property are ignored.
For example:
myProperty = OFF myProperty-admin = newValueForAdmin ; ignored
- Some properties can accept a list of values.
To set a single value, enter the following property:
myProperty = newValue myProperty-admin = newValueForAdmin
To set multiple values for a property that accepts list values, you can specify each value on a separate line:
myProperty.1 = newValue1 myProperty.2 = newValue2 myProperty-admin.1 = newValueForAdmin1 myProperty-admin.2 = newValueForAdmin2
- To determine the correct service name to use when making a service-specific configuration, look in the debug logs for lines containing the following sequence:
(ajp:admin:Request21) Request from abc.def.com/10.20.30.40: GET /admin/
In this example, the service name is admin. You can use the following typical service names:- newadmin for Horizon console
- broker for Connection Server
- docroot for Local file serving
- portal for HTML Access
- saml for SAML communication (vIDM)
- tunnel for Secure Tunnel
- view-vlsi for View API
- misc for Other
- rest for REST API