Cannot single sign on to Citrix WebInterface server using iChain 2.3

(Last modified: 14Jun2004)

This document (10093238) is provided subject to the disclaimer at the end of this document.

fact

iChain 2.3

Citrix Metaframe Server for XP Feature Release 3

Citrix installed with NDS integration

Citrix services rnning on IIS

symptom

Cannot single sign on to Citrix WebInterface server using iChain 2.3

Logging out of iChain causes Citrix SSO information to be lost

fix

When Citrix is setup with NDS integration, a citrix cookie takes care of the NDS context right after we log into WebInterface/NFuse for the first time . This implies that the user has to log in once into the NFuse login page before that the SSO is able to kick in. This is the way the Citrix interafce into NDS is designed to work. When this happens, and the cookies get deleted or the user moves to another workstation where no cookie is set, then the SSO will fail. To work around this issue, one could do the following (it requires changing code on the Web Interface server and I am not sure whether Citrix will support these changes). Since it involves deleting some spaces, it will hopefully not be an issue.

The problem lies in the HTML code for the context field, where a blanc space is added before the default value:

<!-- <tr><td colspan='2'>&nbsp;</td><td><select NAME='context'
class='loginEntries' onFocus='focus_UPD(this.form);'><option selected>
 [Find Context]</select></td></tr> -->

HTML comments have been added to show the code in a HTML enabled mail-reader. You will notice that right in front of "Find Context" there is a blanc space. iChain converts this space into a "+", resulting in a faulty URL and faulty login info.

 The following file in the Web Interface server generates the login page:

c:\Inetpub\wwwroot\Citrix\MetaFrameXP\site\include\serverscripts\CHTMLLogin.vbs

The section of the file that causes the error is shown below:

Response.Write "<select NAME='context' class='loginEntries'
onFocus='focus_UPD(this.form);'>"
If Len(page.contextOne) > 0 Then
Response.Write "<option selected> " &
page.contextOne
Response.Write "<option> " &
gPropKey.getStaticString("lookupContextString")
Else
Response.Write "<option selected> " &
gPropKey.getStaticString("lookupContextString")
End If
Response.Write "</select>"
End If

Changing this code (with the blanc spaces deleted right after the different field options - option selected and option), to the following will make things work fine:

Response.Write "<select NAME='context' class='loginEntries'
onFocus='focus_UPD(this.form);'>"
If Len(page.contextOne) > 0 Then
Response.Write "<option selected>" &
page.contextOne
Response.Write "<option>" &
gPropKey.getStaticString("lookupContextString")
Else
Response.Write "<option selected>" &
gPropKey.getStaticString("lookupContextString")
End If
Response.Write "</select>"
End If

document

Document Title:	Cannot single sign on to Citrix WebInterface server using iChain 2.3
Document ID:	10093238
Solution ID:	NOVL97324
Creation Date:	14Jun2004
Modified Date:	14Jun2004
Novell Product Class:	iChain

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.