Siddhartha Reddy Posted October 11 Posted October 11 Hi, We have a client who is using CVAD 2203 CU 3 to deliver applications to internal users. Now he is looking to integrate citrix with Accops Hy ID for multi factor authentication. Is it possible to integrate Accops Hy ID or as a SAML solution of Accops with citrix storefront for multi-factor authentication. If it is achievable, pls guide me accordingly. Looking forward for your response and thanks in advance. Regards, Siddhartha.
Michael Adam Posted October 12 Posted October 12 Hello @Siddhartha Reddy, yes, you can use SAML for Authentication on Storefront. A good starting point is here: https://docs.citrix.com/en-us/storefront/current-release/configure-authentication-and-delegation/saml.html The setup is very nice easy. Please keep in mind that a direct StoreFront/VDA Connection is only secure for internal or VPN Connections. For external Connections, you need something like NetScaler. Regards, Michael 1
Siddhartha Reddy Posted October 12 Author Posted October 12 Hello @Michael Adam - ITCMA Thanks for your response. Actually I have already gone through the document. Please correct me if I'm wrong or pls assist me to complete. 1. Need to enable Authentication in StoreFront Store. 2. Need to complete IdP settings. (i) Get the IdP address, Signing Certificate & MetaData from Accops team. (ii) Enter the address, import the signing certificate. 3. Need to take Service Provider settings. (i) Signing certificate, encryption certificate & service provider identifier. (ii) Provide these details to accops team 4....... 5...... Could you please help me to complete further. I really appreciate your patience. Looking forward to your response and thanks in advance. Regards, Siddhartha.
Michael Adam Posted October 12 Posted October 12 Hello @Siddhartha Reddy, on StoreFront that’s all cause it is the SP. The main configuration is made on the IDP - Accops. For configuration it’s best to ask your Accops contact. Best regards, Michael 1
Siddhartha Reddy Posted October 12 Author Posted October 12 Hello @Michael Adam - ITCMA, Thankyou for your response. I"m glad to here that nothing further needed apart from the above points we discussed. I will take care of these and inform the IDP-Accops team to proceed accordingly. I appreciate your assistance. Best Regards, Siddhartha.
Siddhartha Reddy Posted October 14 Author Posted October 14 Hello @Michael Adam - ITCMA, Actually, I have configured the same as per your guidance. After entering SF url in browser, it is redirecting to IdP URL. After entering username & password then getting the following error. Could you please assist to proceed further. Regards, Siddhartha.
Siddhartha Reddy Posted October 14 Author Posted October 14 Hello @Michael Adam - ITCMA, Please note that I have configured SF with http not with https. And I'm not sure that I will mater or not. Could you please help me to complete further. I really appreciate your patience. Looking forward to your response and thanks in advance. Regards, Siddhartha.
Michael Adam Posted October 14 Posted October 14 Hello @Siddhartha Reddy, i think this is a configuration issue on the IDP side. The answer from the IDP to the SP is not working cause of a incorrect verb/method. Methods are PUT, GET, POST, HEAD,... If you use the Storefront-Guide from last week the here you using POST. Cause of that it´s best to configure corresponding values on the IDP side. And it`s important to configure Storefront with HTTPS! Otherwise it will not work - see the Pre-Requirements. Here is an example from Citrix with Storefront/Azure. https://support.citrix.com/s/article/CTX237490-implementing-storefront-saml-with-azure-ad-in-citrix-cloud?language=en_US Best regards, Michael 1
Siddhartha Reddy Posted October 14 Author Posted October 14 Hello @Michael Adam - ITCMA, Thank you for your response. Regards, Siddhartha.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now