Table of Contents

• Introduction
  • Current flow
  • Configure new flow
• Configuration
  • Step 1. Configure Responder Policy
  • Step 2. Configure Responder Action
  • Step 3. Bind Responder policy

Introduction

Current flow

Currently when you configure Single Sign-on with Workspace 365 and Citrix via SAML, the first time you open an application, you are redirected to the Citrix Storefront page, if you open the application again, the application will open as expected.

Configure new flow

To prevent the above from happening, Citrix Netscaler offers a new way of redirection which makes it possible to redirect the user back to the desired application after authentication. 

Be aware, this is only possible from Netscaler version 11.0 + 

Back to top

Configuration

Step 1. Configure Responder Policy

• Configure a new Responder Policy on the Netscaler Gateway

• Expression:

HTTP.REQ.URL.PATH_AND_QUERY.EQ("/Citrix/WEBURL/") && HTTP.REQ.HEADER("Referer").CONTAINS("/cgi/setclient?wica")

• WEBURL = e.g "ndawWeb"

Back to top

Step 2. Configure Responder Action

• Configure the Responder Action

• Expression:

HTTP.REQ.COOKIE.VALUE("NSC_TASS")

Back to top

Step 3. Bind Responder policy

• Bind the Responder policy to the Netscaler Gateway Virtual Server

When done, log in to the Workspace 365 environment, and check if it is working as expected. 

Back to top