SecuritySettingsUpdateSpecV3
Security settings object to be updated.
{
"cert_auth_mapping": [
"x509:<I>%issuer_dn%<S>%subject_dn%<SKI>%subject_key_id%",
"x509:<I>%issuer_dn%<SR>%serial%"
],
"cert_auth_mapping_control": [
"CUSTOM",
"SID"
],
"data_recovery_password_hash": [
"5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
],
"data_recovery_password_hint": "password hint",
"message_security_mode": "ENABLED",
"re_auth_secure_tunnel_after_interruption": true
}Indicates the certificate authentication mapping, which will be used to validate against (objectClass=user,altSecurityIdentities=) in Active directory.
Indicates the type of search for validating the Smart card.
The SHA-256 hash of the (UTF-8) data recovery password.
The data recovery password hint. This property has a maximum length of 128 characters.
Determines if signing and verification of the JMS messages passed between Horizon components takes place.
- DISABLED: Message security mode is disabled.
- ENABLED: Message security mode is enabled. Unsigned messages are rejected by Horizon components.
- ENHANCED: Message Security mode is Enhanced. Message signing and validation is performed based on the current Security Level and desktop Message Security mode.
- MIXED: Message security mode is enabled but not enforced.
Determines if user credentials must be re-authenticated after a network interruption when Horizon clients use secure tunnel connections to Horizon resources. When you select this setting, if a secure tunnel connection ends during a session, Horizon Client requires the user to re-authenticate before reconnecting.