07-17-2019 05:23 AM
Hi,
I have an active/passive ASAv10 pair running 9.10(1) on which Im trying to configure a bookmark with automatic log on to our Citrix Storefront 2.6 site.
Im fairly confident I have the good POST parameters captured with Wireshark but I cannot figure out how to configure the pass-through authentication on the ASA.
I've tried various combination in an "Auto sign-on Form Submit" but here's what I got at the moment;
URL: http://domain.com/Citrix/StoreWeb
Login page URL: http://domain.com/Citrix/StoreWeb/ExplicitAuth/LoginAttempt
Landing page URL or Control ID: http://domain.com/Citrix/StoreWeb
Form parameters;
password: CSCO_WEBVPN_PRIMARY_PASSWORD
domain: domain.local
username: CSCO_WEBVPN_PRIMARY_USERNAME
LoginBtn: Log+On (also tried Log On)
StateContext: field is blank
saveCredentials: false
Has anyone been able to get this working? On my end, I do reach the log on page but nothing happens.
Solved! Go to Solution.
06-06-2022 05:59 AM
Hi,
It has been a while but yes, I was able to get this to work with the TAC. I left changed position since then so I don't know if it still works with more recent Storefront versions but here's what worked back then;
------------------------------
URL; yourStoreFrontURL/Citrix/StoreNameWeb/
Login page URL or Control ID/Class; control-id:loginBtn (did not test but this might be case sensitive)
Landing Page URL or Control ID; control-id:menuLogOffBtn (this is case sensitive)
Post Script; inject:if(!window.frames[0].document.getElementById("loginBtn")){var link=window.frames[0].document.getElementById("protocolhandler-detect-alreadyInstalledLink");if(link){link.click()}};
Form Parameters;
- username --> Value; CSCO_WEBVPN_USERNAME --> adapt to your environment
- password --> Value; CSCO_WEBVPN_PASSWORD --> adapt to your environment
- loginBtn --> Value; Log On (note that if your Storefront page is not in English, you need to change that accordingly)
Pre-login Page URL; https://yourStoreFrontURL/Citrix/StoreNameWeb/
Pre-login page Control ID/Class; control-class:skiplink
------------------------------
- This was for StoreFront 3.12 with XenApp 7.15 but I also tested it successfully with StoreFront 3.0 with XenApp 7.15 (Storefront 3.0 not supported with XenApp 7.15)
- The post script could be different for other XenApp versions
- The Pre-login Page URL can be in http if needed
06-03-2022 07:46 AM
Did you ever find a way to do this?
06-06-2022 05:59 AM
Hi,
It has been a while but yes, I was able to get this to work with the TAC. I left changed position since then so I don't know if it still works with more recent Storefront versions but here's what worked back then;
------------------------------
URL; yourStoreFrontURL/Citrix/StoreNameWeb/
Login page URL or Control ID/Class; control-id:loginBtn (did not test but this might be case sensitive)
Landing Page URL or Control ID; control-id:menuLogOffBtn (this is case sensitive)
Post Script; inject:if(!window.frames[0].document.getElementById("loginBtn")){var link=window.frames[0].document.getElementById("protocolhandler-detect-alreadyInstalledLink");if(link){link.click()}};
Form Parameters;
- username --> Value; CSCO_WEBVPN_USERNAME --> adapt to your environment
- password --> Value; CSCO_WEBVPN_PASSWORD --> adapt to your environment
- loginBtn --> Value; Log On (note that if your Storefront page is not in English, you need to change that accordingly)
Pre-login Page URL; https://yourStoreFrontURL/Citrix/StoreNameWeb/
Pre-login page Control ID/Class; control-class:skiplink
------------------------------
- This was for StoreFront 3.12 with XenApp 7.15 but I also tested it successfully with StoreFront 3.0 with XenApp 7.15 (Storefront 3.0 not supported with XenApp 7.15)
- The post script could be different for other XenApp versions
- The Pre-login Page URL can be in http if needed
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: