Page History

Create a Logon Procedure for ADC Citrix Gateway

...

10.Repeat step 7-9 to add more logon steps if desired, e.g. One-Time Password.

...

7. Select Single Sign-on Server

Image Modified

8. Click Save

...

If configured correctly all the tests should pass, as below.

Image Added

2. Click Create

Image Added

3. In the SSO Server field, select your DualShield SSO server from the list

4. In the Name field, enter the name for the Service Provider to be created

5. In the Type field, select SAML 2.0

Image Added

Click on Create Metadata
In the "Metadata" box, enter the metadata* of the service provider to be created.

Image Added

Use the template below to create the metadata. Change the value of the "entityID" and "Location" attributes (highlighted in red) to the FQDN of your Citrix Gateway Virtual Server.
<?xml version="1.0" encoding="UTF-8" ?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://citrix.gateway.com^{Image Added}">
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://citrix.gateway.com/cgi/samlauth" index="0" isDefault="true">
</AssertionConsumerService>
</SPSSODescriptor>
</EntityDescriptor>
Click Save.

Image Added

Image Added

On the Attributes builder specify Location as HTTP Body and enter a name for this attribute. In this case I have used the name loginName .

Image Added

Image Added

Select the identity source that will be used and select Login Name from the Maps to drop down list:

Image Added

Click Save
Click Save again
Repeat steps 10 & 11 but this time name the attribute passwd
Copy this syntax clearPassword.encodeAsBase64() and paste it into the Maps To field Image Added

Image Added