Update Security Settings V4
All the listed privileges are required -
Privileges | Description |
---|---|
GLOBAL_CONFIG_MANAGEMENT | Caller should have permission to this privilege, to update settings. |
{
"cert_auth_mapping": [
"x509:<I>%issuer_dn%<S>%subject_dn%<SKI>%subject_key_id%",
"x509:<I>%issuer_dn%<SR>%serial%"
],
"cert_auth_mapping_control": [
"CUSTOM",
"SID"
],
"crl_distribution_points": [
"http://www.cdpexample.com/file.crl",
"http://crls.pki.goog/gts1c3/file1.pem"
],
"crl_file_max_size_kb": 1024,
"crl_refresh_period_minutes": 100,
"data_recovery_password_hash": [
"5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
],
"data_recovery_password_hint": "password hint",
"message_security_mode": "ENABLED",
"re_auth_secure_tunnel_after_interruption": true
}
Indicates the certificate authentication mapping, which will be used to validate against (objectClass=user,altSecurityIdentities=) in Active directory.
Indicates the type of search for validating the Smart card.
List of CRL distribution point urls, from where CRLs will be fetched by crl prefetch service.It supports only http url and .crl and .pem file type.
Maximum allowed size in kb for CRL file that can be downloaded by crl prefetch service. This property has a default value of 1024.
Refresh time period in minutes for CRL prefetch. This property has a default value of 60.
The SHA-256 hash of the (UTF-8) data recovery password.
The data recovery password hint. This property has a maximum length of 128 characters.
Determines if signing and verification of the JMS messages passed between Horizon components takes place.
- DISABLED: Message security mode is disabled.
- ENABLED: Message security mode is enabled. Unsigned messages are rejected by Horizon components.
- ENHANCED: Message Security mode is Enhanced. Message signing and validation is performed based on the current Security Level and desktop Message Security mode.
- MIXED: Message security mode is enabled but not enforced.
Determines if user credentials must be re-authenticated after a network interruption when Horizon clients use secure tunnel connections to Horizon resources. When you select this setting, if a secure tunnel connection ends during a session, Horizon Client requires the user to re-authenticate before reconnecting.
No Content
Bad Request
User is not authenticated
Access to the resource is forbidden