VMware Horizon Community
K_Miller
Enthusiast
Enthusiast
‎11-04-2015 10:56 AM

HTML Access Security

We are looking into implementing HTML access however we are concerned about users saving their logon credentials in browsers on machines we do not have control over. I would like to know if anyone has dealt with this and how they were able to tackle the issue. Please let me know if you have any insight into this.

Thank You,

K Miller

0 Kudos
8 Replies
vTimD
Enthusiast
Enthusiast
‎11-04-2015 02:51 PM

Would you be allowing the HTML access from personal computers, or from domain-managed computers? If they are personal computers, you may have trouble trying to control that. If they are domain, you could try and implement a GPO to control that.

-vTimD http://www.vtimd.com If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points.
0 Kudos
rrr5703
Contributor
Contributor
‎11-04-2015 02:54 PM

Along these lines, is there a capability, or a plan to add a capability, for supporting CAC enabled logons for HTML access?

This would be very beneficial for the government user...

0 Kudos
vTimD
Enthusiast
Enthusiast
‎11-05-2015 05:47 AM

According to the documentation, Smart Card Authentication is not supported with HTML access:

https://www.vmware.com/pdf/horizon-view/horizon-html-access-3x-document.pdf

-vTimD http://www.vtimd.com If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points.
0 Kudos
rrr5703
Contributor
Contributor
‎11-05-2015 05:48 AM

Thanks...  I understood that, but is there any plan to implement it?  Seems like it would make a lot of sense to do so...

0 Kudos
vTimD
Enthusiast
Enthusiast
‎11-05-2015 05:58 AM

I'm sorry, I misunderstood your post when I read it. As I am not an employee of VMware, I am not really privy to the future road maps. There is a section on the website to make feature requests:

Contact VMware | United States

You should submit it, as it could definitely be beneficial.

-vTimD http://www.vtimd.com If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points.
0 Kudos
K_Miller
Enthusiast
Enthusiast
‎11-05-2015 07:18 AM

Yes we would like to allow access from personal computers and by the same token that would open it up to public computers. My concern is that someone would save their credentials in a browser on a public or shared computer. This could result in a lasting security hole.

KM

0 Kudos
vTimD
Enthusiast
Enthusiast
‎11-05-2015 07:44 AM

I totally understand your concern. This is one of the reasons why we have not rolled out Blast desktops to external users at this point. Saving form data is a native browser functionality, and I don't see any way to control this natively from within View. Unless someone has more info here, I'd open an SR and see if anyone in support or engineering has a solution that could work for this. If you find one, please post it back here, as I am sure you aren't the only and last person to ask about that.

-vTimD http://www.vtimd.com If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points.
0 Kudos
ifiona
VMware Employee
VMware Employee
‎11-13-2015 01:34 AM

HTML Access has disabled storing passwords in the browsers by disabling autocompletion.

0 Kudos