Charlie Ting Posted January 21, 2019 Share Posted January 21, 2019 We have a vendor cloud application that leverages the ADFS SSO. I have NetScaler setup as ADFS proxy. Cloud app is Service Provider and ADFS is Identify Provider. I'm encountering an issue where NetScaler AAA-TM vserver doesn't carry the Saml Request in the body. https://www.tech.xenit.se/netscaler-adfs-protected-aaa-handle-saml-post-requests/ This URL seems to fit our scenario. Citrix support came back to me and said NetScaler 11.1 build 56.19 fixed the issue but he can't confirm it on their lab. "If the initial request to the traffic management virtual server is an unauthenticated POST request, the NetScaler appliance configured for NetScaler AAA, disregards the post body" Does anyone experience the same issue, applied the fix and it's addressed? Link to comment Share on other sites More sharing options...
Rasmus Kindberg Posted December 15, 2021 Share Posted December 15, 2021 Hi, I'm the one who wrote the blog article above. From my testing on later Netscaler versions (12.1 and 13.0) it seems Citrix added additional code to handle this scenario but the new code doesn't actually work. The workaround i describe in my blog is still required, from what I can tell. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now