Configure seamless single sign on with Citrix

Follow

Current flow:

Currently when you configure Single Sign on with Workspace 365 and Citrix via SAML, the first time you open an application, you are redirected to the Citrix Storefront page, if you open the application again, the application will open as expected.

Configure new flow:

To prevent the above from happening, Citrix Netscaler offers a new way of redirection which makes it possible to redirect the user back to the desired application after authentication. 

Be aware, this is only possible from Netscaler version 11.0 + 

Step one:

  • Configure a new Responder Policy on the Netscaler Gateway

  • Expression:
HTTP.REQ.URL.PATH_AND_QUERY.EQ("/Citrix/WEBURL/") && HTTP.REQ.HEADER("Referer").CONTAINS("/cgi/setclient?wica")
  • WEBURL = e.g "ndawWeb"

Step two:

  • Configure the Responder Action

  • Expression:
HTTP.REQ.COOKIE.VALUE("NSC_TASS")

Step three:

  • Bind the Responder policy to the Netscaler Gateway Virtual Server

When done, log in to the Workspace 365 environment, and check if it is working as expected. 

Download our latest Workspace365AppLauncher here

 

Have more questions? Submit a request