This topic describes how to modify the properties of applications published in a Forefront Unified Access Gateway (UAG) portal trunk, using the Add Application Wizard.

To configure application properties

  1. In the Forefront UAG Management console, click the required trunk. In the Applications list, select the required application, and then click Edit.

  2. On the General tab, configure the application name, prerequisites applications (legacy applications only), and the timeout inactivity period, as required. For help with specific user interface settings, see General tab.

  3. On the Web Servers tab, configure the settings for the published Web application server. For help with specific user interface settings, see Web Servers tab (portal applications only).

  4. On the Server Settings tab, configure the settings for the published non-Web application servers. For help with specific user interface settings, see Server Settings tab (portal applications only).

  5. On the Web Settings tab, specify how content is inspected for the application. In addition, specify how remote user credentials are forwarded to application servers that require user authentication. For help with specific user interface settings, see Web Settings tab (portal applications only).

  6. On the Client Settings tab, for client/server, legacy, and browser-embedded applications published in a portal trunk, you can specify how the Forefront UAG Socket Forwarding component is activated on client endpoints. For help with specific user interface settings, see Client Settings tab (portal applications only).

  7. On the Web Server Security tab, configure settings to protect Web applications against HTTP request smuggling (HRS). Note that you cannot configure HRS for client/server and legacy applications. For help with specific user interface settings, see Web Server Security tab.

  8. On the Cookie Encryption tab, specify that all Set-Cookie headers will be encrypted except for those defined in the global and per-application cookie lists. For help with specific user interface settings, see Cookie Encryption tab.

  9. On the On the Endpoint Policy tab, specify the conditions with which remote client endpoints must comply in order to access the published application. For help with specific user interface settings, see Endpoint Policy tab.

  10. On the Downloads/Uploads tab, apply a download or upload policy for published applications. You can specify the method by which Forefront UAG identifies URLs to enforce a download or upload policy. Note that if none of the options in the tab are selected, no downloads or uploads will be blocked, regardless of the download or upload policies for the applications. For help with specific user interface settings, see Download/Upload tab.

  11. On the Authorization tab, specify which users and groups can access the portal application. By default, all users who authenticate successfully to the portal can access all applications published in a portal trunk. For help with specific user interface settings, see Authorization tab (portal applications only).

    Warning:
    If you set authorization to View or Deny for specific users and groups, the applications may still appear, or might not be grayed out when endpoints access the portal. Instead, either of the following may occur when users or group members attempt to connect to an application:
    1. The user might be asked to fill in credentials, but access will not be granted. No message is displayed.

    2. The user might receive a message that the computer does not meet the security requirements for the application.

  12. On the Portal Link tab, specify how the application appears in the portal home page of the trunk. You can control the link format on the portal homepage for applications published in the portal. Note that portal link settings are only applied if you use the Forefront UAG default portal home page. For help with specific user interface settings, see Portal Link tab (portal applications only).