Step 2. Configure seamless Single Sign-on with Citrix
Table of Contents
Introduction
Current flow
Currently when you configure Single Sign-on with Workspace 365 and Citrix via SAML, the first time you open an application, you are redirected to the Citrix Storefront page, if you open the application again, the application will open as expected.
New flow
To prevent the above from happening, Citrix Netscaler offers a new way of redirection which makes it possible to redirect the user back to the desired application after authentication.
Be aware, this is only possible from Netscaler version 11.0 +
Configuration
Step 1. Configure Citrix Federated Authentication Service
More information on how to configure Citrix Federated Authentication Service:
http://www.carlstalhood.com/citrix-federated-authentication-service-saml/
Step 2. Install the Citrix app Launcher and HTLM 5 SDK
For the download files and instructions, visit our downloads page.
Step 3. Configure Responder Policy
- Configure a new Responder Policy on the Netscaler Gateway
- Expression:
HTTP.REQ.URL.PATH_AND_QUERY.EQ("/Citrix/WEBURL/") && HTTP.REQ.HEADER("Referer").CONTAINS("/cgi/setclient?wica")
- WEBURL = e.g "ndawWeb"
Step 4. Configure Responder Action
- Configure the Responder Action
- Expression:
HTTP.REQ.COOKIE.VALUE("NSC_TASS")
Step 5. Bind Responder policy
- Bind the Responder policy to the Netscaler Gateway Virtual Server
Proceed to step 3