The PingFederate administrative console and runtime server are capable of returning custom HTTP response headers, such as HTTP Strict-Transport-Security (HSTS) to enforce HTTPS based access and P3P for Microsoft Internet Explorer interoperability.
- Edit the response-header-admin-config.xml file or the response-header-runtime-config.xml file (or both), located in the <pf_install>/pingfederate/server/default/data/config-store directory.
- Save your changes.
For a clustered PingFederate environment, perform these steps on the console node, and then click Replicate Configuration on the screen.Important:
For each engine node, restart PingFederate to load the changes made in the response-header-admin-config.xml or response-header-runtime-config.xml file (or both) after the configuration is replicated.