WI 5.1.1 passthrough behind CAG 4.5.6 Std, in the Advanced Access Control / Citrix Access Gateway forum on BrianMadden.com

Currently a customer has a CAG passing through to a WI 4.6 site.  I have built a new WI 5.1.1 server and am trying to get passthrough auth working from the CAG to the new WI 5.1.1 site.  Currently in the CAG it specifies a WI4.6 site by:

Citrix/AccessPlatform/auth/Login.aspx

I have tried setting it to Citrix/XenApp/auth/Login.aspx but credentials are not passed to the WI site and I am prompted for logon again once the WI site is displayed.  The new 5.1.1 WI site is configured the same as the old 4.6 site, gateway direct and using explicit authentication.

What am I missing here?

Found my answer...

http://support.citrix.com/article/ctx106202

Hi.

I am experiencing the same issue, but I found that copying over the java file downloaded from this article just destroyed the website configuration. I'm just curious about whether this solution actually worked for you.

Thanks.

 

Yes, I applied the file according to the destructions and things worked just fine for me.  Are you getting an error in WI when you first hit the page now?  If you revert back to the original file are things back to normal?

Thanks for replying to a month old thread.

Yes, that's precisely what happens with our configuration. Using the amended java file breaks the site and users get sent to a page stating that "The system configuration is invalid or unavailable..". Restoring the original file restores the site.

I even upgraded to 5.1.1 from 5.0 just in case the replacement java file for 5.0 was knackered, but see the same behaviour. It's frustrating that pass-through authentication doesn't work out of the box between CAG and WI.

Alasdair

And you are sure you are using the proper file that matches your version of WI?

If you upgrade to CAG 4.6, you no longer have to replace the java file in Web Interface.  Instead, you are required to put in the call back URL when configurating your Web Interface site (similar to configuring Single Sign-On with the Access Gateway Enterprise Edition). You'll see more about this CTX120735 starting on pg 35.

Thanks for the tip. I'll perform the upgrade to the CAG and take it from there.

Success. Upgrading the CAG to 4.6 allowed me to configure pass-through authentication to a WI 5.1.1 site as per the document in CTX120735. This is much nicer for our users.

I wont go into the pain involved in the CAG update, that's another story. Thanks very much to you both for your help on this problem.

-
Alasdair