login about faq

Hi,

I have Citrix XenApp 6.0 and I want to use two factor authentication with MobileID when using Citrix Web Interface. How do I configure it?

asked Nov 08 '11 at 11:08

anttisa's gravatar image

anttisa ♦
106252627


1) Launch Citrix Web Interface Management and expand: Citrix Web Interface –> XenApp Web Sites

2) Choose your site and click Authentication methods. Enable Explicit and click properties.
Expand Explicit -> Two-Factor Authentication

 Two-factor setting: radius

Click add and type your MobileID server information:

 Server address: <MobileID address>
 Server Port: 1812

3) Now configure shared secret and NAS-ID manually. Edit file web.config. Default location is:
C:/inetpub/wwwroot/Citrix/XenApp/web.config. Edit lines:

    <add key="RADIUS_SECRET_PATH" value="/radius_secret.txt" />
    <add key="RADIUS_NAS_IDENTIFIER" value="<YOUR-NAS-ID>" />

4) Create radius_secret.txt file to folder
C:/inetpub/wwwroot/Citrix/XenApp/conf. File contains just your shared secret:

 <my-shared-secret>

5) Add following script to end of file:
C:/inetpub/wwwroot/Citrix/XenApp/app_data/include/loginMainForm.inc

<script>
function pwd2otp() {
                var otp = document.getElementById('<%=Constants.ID_PASSCODE%>');
                var pwd = document.getElementById('<%=Constants.ID_PASSWORD%>');
                otp.value=pwd.value;
}              
var e = document.getElementById('lblPasscode') 
if(e) {
                if(e.parentNode) {
                                if(e.parentNode.parentNode) {
                                                e.parentNode.parentNode.style.display='none';
                                }
                }
}

var a = document.getElementById('<%=Constants.ID_PASSWORD%>');
if(a) {     
                if(a.addEventListener) {
                                a.addEventListener("keyup",pwd2otp,false);
                }                                                              
                else if(a.attachEvent) {
                                a.attachEvent("onkeyup",pwd2otp);
                }
                else e.onkeyup = pwd2otp;
}
</script>

6) Refresh your Web Interface and test authentication

link

answered Nov 08 '11 at 11:29

anttisa's gravatar image

anttisa ♦
106252627

edited Nov 08 '11 at 11:36

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×55

Asked: Nov 08 '11 at 11:08

Seen: 10,321 times

Last updated: Nov 08 '11 at 11:36

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.