
Remote SSO Configuration

This feature automates the sign-in process for any application or site that is form based and uses the POST method for authentication. The steps to configure Remote SSO are given below:

1. Log in to the IVE as admin.
2. To configure Form POST, go to Resource Policies > Web > Remote SSO > Form POST or Resource Policies > Web > SSO > Form POST.
3. Click on New Policy.
4. The Name and Description fields are arbitrary.
5. In the Resource field enter the URL of the Citrix Nfuse site.
6. Under Roles select "Policy applies to ALL roles" if you wish to apply the policy to all the roles, or select the appropriate option, select the roles from the Available roles list and add them to the Selected roles window.
7. Under Action select "Perform the POST defined below". To determine the POST details, consider the example below.

Note: To get the cookie information, the user should successfully log in to the application. Obtain a DSRecord (Maintenance>troubleshooting>session recording) of this successful login.

Example: Below is part of DSRecord taken while accessing Citrix Nfuse via IVE. Pertinent values are marked in bold.

    ---- dsrecord.response.after.body:none - 08368.00162 - { 4384 } ---- 20031208160704.388772 ----
    <table width="286" border="0" cellspacing="0" cellpadding="3" bgcolor="#6699cc">
    <form autocomplete=off method="post" action="login.asp,danainfo=kaku.qa.danastreet.net+" name="nfuseform">
    <input TYPE="HIDDEN" name="logintype" value="explicit">
    <td> <input type="text" name="user" class="loginentries" onfocus="focus_upd(this.form);" MAXLENGTH="256" > </td>

    ---- dsrecord.response.after.body:none - 08368.00164 - { 3580 } ---- 20031208160704.389190 ----
    <td colspan="2"> </td>
    <td> <input type="password" name="password" class="loginentries" onfocus="focus_upd(this.form);" MAXLENGTH="254" >
    <td colspan="2"> </td>
    <input type="text" name="domain" class="loginentries" onfocus="focus_upd(this.form);" MAXLENGTH="256" >
    <tr align="right" valign="middle"> <td colspan="3">

    ---- dsrecord.request.before.header:none - 08368.00178 - { 696 } ---- 20031208160712.161352 ----
    POST /citrix/nfuse17/login.asp,danainfo=kaku.qa.danastreet.net+ HTTP/1.1
    Cache-Control: no-cache
    Cookie: DSLastAccess=1070928424; DSID=****************************************

    ---- dsrecord.request.before.body:none - 08368.00179 - { 78 } ---- 20031208160712.161910 ----
    LoginType=Explicit&user=se1&password=dana123&domain=qa&Log+In.x=42&Log+In.y=10

    ---- dsrecord.request.after.header:none - 08368.00180 - { 718 } ---- 20031208160712.162149 ----
    POST /citrix/nfuse17/login.asp HTTP/1.0
    Host: kaku.qa.danastreet.net
    Connection: Keep-Alive
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
    Accept-Language: en-us
    Content-Length: 78
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0;.NET CLR 1.1.4322)
    Referer: http://kaku.qa.danastreet.net/citrix/nfuse17/login.asp
    Authorization: Basic bxdvbmc6bxdvbmcxmjm=
    Cookie: NFuseUseSavedFolder=Off; icascreenresolution=1600x1200; icabrowsercode=1; icaobjectcode=1; icaclientcode=1; ASPSESSIONIDQQGQQXCC=LKLPHAPBKDODOMGOKPEFIOOD

What to look for in DSRecord?

8. Access the Citrix Nfuse site directly and copy the URL shown in the address bar of the browser. In this case the URL will be http://kaku.qa.danastreet.net/citrix/nfuse17/login.asp.
9. In the DSRecord look for POST, which is followed by the URL; that will be the POST URL. It looks like POST /citrix/nfuse17/login.asp,danainfo=kaku.qa.danastreet.net+ HTTP/1.1 (bolded in above DSRecord), thus the POST URL will be http://kaku.qa.danastreet.net/citrix/nfuse17/login.asp. Enter this URL in the POST to URL field under POST details.
10. In the DSRecord search for POST under dsrecord.response.after.body and look for Input. If it has any value for variable name and value, enter those values in the name and value fields under POST details. The variable value will only be present if it has a default value (bolded in above DSRecord). If you have any name variable for which the value variable is empty or blank, you can ignore those variables. For domain you can enter the static value, since we don't enter the domain information while signing in to IVE.
11. The Form POST details are given below in the table.

Under POST details on the Form POST configuration page, the User Modifiable field has the three options given below:

Not Modifiable: User cannot change the credentials or other values.

User CAN change value: Changes are optional. After signing in, the user can go to System Preferences > Advanced. Under Configure Remote SSO (Single Sign On) Resources the user can click on Configure Remote SSO. From the list under Remote SSO Bookmark the user can select the Citrix Nfuse SSO bookmark, click on Configure, enter the data in the respective fields and save the changes.

User MUST change value: Whether the credentials for Citrix Nfuse are the same as the IVE credentials or different, the user MUST provide the credential details. After signing in, the user can go to System Preferences > Advanced. Under Configure Remote SSO (Single Sign On) Resources the user can click on Configure Remote SSO. From the list under Remote SSO Bookmark the user can select the Citrix Nfuse SSO bookmark, click on Configure, enter the data in the respective fields and save the changes.

12. For Custom Headers and Cookies, search for the username used by the user to log in to the application while taking the DSRecord. This user name should be present under dsrecord.request.after.header (bolded in above DSRecord). You will see a few more cookies which we have left out because those are already set. In the beginning of the DSRecord search for Set-Cookie.
13. To configure Headers/Cookies go to Resource Policies > Web > Remote SSO > Headers/Cookies or Resource Policies > Web > SSO > Headers/Cookies.
14. Click on New Policy.
15. The Name and Description fields are arbitrary.
16. Under Resource, in the Resource field enter the URL of the Citrix Nfuse site.
17. Under Roles select "Policy applies to ALL roles" if you apply the policy to all the roles, or select the appropriate option, select the roles from the Available roles list and add them to the Selected roles window.
18. Under Action select "Append headers as defined below".
19. The Headers and values are given below in the table.

Form POST details and Headers and values for Citrix Nfuse.

Citrix NFuse 1.5
----------------
URL      : http://10.10.24.21/citrix/metaframe/default.htm
POST URL : http://10.10.24.21/citrix/metaframe/frameset.asp

POST details:
Label          Name          Value      User Modifiable
Display Mode   displaymode   seamless   Not Modifiable

Citrix NFuse 1.6
----------------
URL      : http://10.10.24.21/citrix/nfuse16/login.asp
POST URL : http://10.10.24.21/citrix/nfuse16/frameset.asp

POST details:
Label          Name          Value      User Modifiable
Login Page     loginpage     default    Not Modifiable

Headers and values: (Add one per line)
icaobjectcode=1
icaclientcode=1

Citrix NFuse 1.7
----------------
URL      : http://10.10.24.21/citrix/nfuse17/login.asp
POST URL : http://10.10.24.21/citrix/nfuse17/login.asp

POST details:
Label          Name          Value      User Modifiable
Login Type     LoginType     Explicit   Not Modifiable

Headers and values: (Add one per line)
icabrowsercode=1
icaobjectcode=1
icaclientcode=1
icascreenresolution=1024x768

Citrix NFuse 2.1/XP
-----------------------
URL      : http://10.10.24.21/citrix/nfuse17/login.asp
POST URL : http://10.10.24.21/citrix/nfuse17/login.asp

POST details:
Label          Name          Value      User Modifiable
Login Type     LoginType     Explicit   Not Modifiable
State          State         LOGIN      Not Modifiable

Headers and values: (Add one per line)
icabrowsercode=1
icaobjectcode=1
icaclientcode=1
icascreenresolution=1024x768
icaclientavailable=true

Citrix NFuse 3.0
------------------
URL      : http://10.10.24.21/citrix/nfuse17/login.asp
POST URL : http://10.10.24.21/citrix/nfuse17/login.asp

POST details:
Label          Name          Value      User Modifiable
Login Type     LoginType     Explicit   Not Modifiable
State          state         LOGIN      Not Modifiable

Headers and values: (Add one per line)
icaispassthrough=3
icascreenresolution=1024x768
icaclientavailable=true

Note: The name and value in Forms-based SSO and the header value in Custom Headers and Cookies are case sensitive.
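
The extraction described in steps 9, 10 and 12, as an added example (not part of the original guide and not Juniper tooling): it derives the POST URL, the POST details and the policy cookies from recorded lines, taking name and value case from the request body because the policy fields are case sensitive. The sample strings are constructed from the DSRecord excerpt in this guide; SERVER_SET (cookie names assumed to have arrived via Set-Cookie earlier in the recording) and all function names are assumptions, and only the simple ",danainfo=host+" rewrite shown in the excerpt is handled.

```python
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl

# Constructed sample, modelled on the DSRecord excerpt in this guide.
FORM = ('<form method="post" action="login.asp,danainfo=kaku.qa.danastreet.net+">'
        '<input TYPE="HIDDEN" name="logintype" value="explicit">'
        '<input type="text" name="user"><input type="password" name="password">'
        '<input type="text" name="domain"></form>')
REQUEST_LINE = "POST /citrix/nfuse17/login.asp,danainfo=kaku.qa.danastreet.net+ HTTP/1.1"
BODY = "LoginType=Explicit&user=se1&password=dana123&domain=qa&Log+In.x=42&Log+In.y=10"
COOKIE = ("NFuseUseSavedFolder=Off; icascreenresolution=1600x1200; icabrowsercode=1; "
          "icaobjectcode=1; icaclientcode=1; ASPSESSIONIDQQGQQXCC=LKLPHAPBKDODOMGOKPEFIOOD")
# Assumption: names the server set itself via Set-Cookie earlier in the recording.
SERVER_SET = {"NFuseUseSavedFolder", "ASPSESSIONIDQQGQQXCC"}

def post_url(request_line, scheme="http"):
    """Step 9: undo the IVE rewrite 'path,danainfo=host+' to get the backend URL."""
    m = re.match(r"POST (\S+?),danainfo=([^+,\s]+)\S* HTTP/", request_line, re.I)
    if not m:
        raise ValueError("not a rewritten POST request line")
    return f"{scheme}://{m.group(2)}{m.group(1)}"

class _Inputs(HTMLParser):
    """Collect <input> elements that carry a non-empty default value."""
    def __init__(self):
        super().__init__()
        self.defaults = {}
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and a.get("name") and a.get("value"):
            self.defaults[a["name"]] = a["value"]

def post_details(form_html, body):
    """Step 10: keep inputs with a default; take exact case from the recorded body."""
    p = _Inputs()
    p.feed(form_html)
    sent = {k.lower(): (k, v) for k, v in parse_qsl(body)}
    return [sent.get(n.lower(), (n, v)) for n, v in p.defaults.items()]

def policy_cookies(cookie_header, server_set):
    """Step 12: cookies the client sent that no Set-Cookie supplied."""
    pairs = (c.strip().split("=", 1) for c in cookie_header.split(";") if "=" in c)
    return [f"{k}={v}" for k, v in pairs if k not in server_set]

if __name__ == "__main__":
    print(post_url(REQUEST_LINE))
    print(post_details(FORM, BODY))
    print(policy_cookies(COOKIE, SERVER_SET))
```

Inputs without a default value (user, password, domain) are skipped, so the password captured in the recording never appears in the output.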