Jump to content
Welcome to our new Citrix community!

PostCredentialsAuth always returns fatalerror

heesun kim

Recommended Posts

I tried to log in using StoreFront Web API but it failed.

Here is the java code that I ran.


    public void testAuthorize()
        String SFURL = "";
        String _domain = "testdomain.mm";
        String _username = "kim";
        String _password = "1234";
        final Client client = ClientBuilder.newClient();
        final WebTarget target = client.target(SFURL).path("/PostCredentialsAuth/Login");
        Form form = new Form();
        form.param("username", _domain + "\\" + _username);
        form.param("password", _password);

        Response post = target.request().header("X-Citrix-IsUsingHTTPS", "No").post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE));

        Cookie ctxsAuthIdCookie = post.getCookies().get("CtxsAuthId");
        Cookie csrfTokenCookie = post.getCookies().get("CsrfToken");
        Cookie aspnetSessionIdCookie = post.getCookies().get("ASP.NET_SessionId");

        String entity = post.readEntity(String.class);
        logger.info("testAuthorize() - entity=" + entity);



It always returns fatal error as following.


<?xml version="1.0" encoding="UTF-8"?>
<AuthenticationStatus xmlns="http://citrix.com/delivery-services/webAPI/2-6/authStatus">




When I query, it returns only two methods as following.


<authMethods xmlns="http://citrix.com/delivery-services/webAPI/2-6/authMethods">

    <method name="ExplicitForms" url="ExplicitAuth/Login"/>

    <method name="CitrixAuth" url="CitrixAuth/Login"/>



I'm not sure why it has no "PostCredentialsAuth" item in result and not sure if this is why my calling "PostCredentialsAuth" failed.

Am I doing wrong ? Or do I need to configure something in StoreFront to make it accept this Web API ?

I think this is very simple problem but I spent several days and I couldn't get any clue.


Please help me out...

Link to comment
Share on other sites

Thanks, Fengh. You are right.

I could log in after enabled HTTP-Basic.

But I got another problem When I call /Resources/List, it shows an error as following.


    {"unauthorized": true}


I passed CsrfToken, CtxsAuthId, ASP.NET_SessionId in cookie which I got from /PostCredentialAuth/Login and also set Csrf-Token in header too.

When I got this error, the HttpResponse has following header.


    CitrixWebReceiver-Authenticate, value = reason="notoken", location="Authentication/GetAuthMethods"


And also the header has new value for csrf, asp session.

I hope someone has a clue for this problem.









Link to comment
Share on other sites

  • 1 month later...
  • 1 year later...


This topic is now archived and is closed to further replies.

  • Create New...