The user logon workflow (logon process) in StoreFront is different to Web Interface. The detailed description of the logon process is shown in Table 1.
Figure 1
| Step | Web Interface | StoreFront |
|---|---|---|
| 1 | User enters username and password. This is sent to the Web Interface server. | User enters username and password. This is sent to the StoreFront server. |
| 2 | The authentication service of StoreFront fetches the user credentials and validates them with a domain controller. StoreFront servers must reside either within the Active Directory domain containing the user accounts or within a domain that has a trust relationship with the user accounts domain. All the StoreFront servers in a group must reside within the same domain. | |
| 3 | StoreFront checks the data store for existing user subscriptions and stores them in memory. | |
| 4 | Web Interface forwards the user credentials as part of a XML query to XenApp or XenDesktop sequentially. In this case, the credentials are sent to the XenDesktop Controller which is the sole resource configured. | StoreFront forwards the user credentials as part of a XML query to the backend systems, such as XenApp, XenDesktop, App Controller or VDI-in-a-Box sequentially. In this case the credentials are sent to the XenDesktop Controller which is the sole resource configured. |
| 5 | The XenDesktop Controller validates the user credentials with a domain controller. | |
| 6 | After a successful validation the XenDesktop Controller checks which resources have been published to this user within its database. | |
| 7 | The XenDesktop Controller sends an XML response to Web Interface / StoreFront which contains all resources available for the user from the XenDesktop site. | |
| 8 | Web Interface displays the available resources. | StoreFront sends the list of available resources including the existing subscriptions to the Citrix Receiver installed locally or displays them in Receiver for Web. |
| 9 | Now the user can start a resource. | |
Do you know if is possible to use Receiver 4.1 with webinterface?
Thanks,
Riccardo
I tested Receiver 4.1 with webinterface 5.4 and in documentation only this version is mentioned.
I haven’t tried to use it with lower versions.
Hope this helps.
Andrzej
Yes Riccardo, Works fine without any problem, I used Citrix Receiver with web interface 5.4 and lower.
Regards…
Hi,
Any reason why there are 2 times authentication taking place.. Step 2 “The authentication service of StoreFront fetches the user credentials and validates them with a domain controller” Again in step 5 the “xendesktop controller validates the user credentials with the domain controller”.
Any reason behind this?
Thanks,
Koushik
Thanks for reading 🙂
Will check this tomorrow.
Hi Andrzej,
I have been reading your blogs for a long time. I was impressed by your article explaining ” Multistream ICA”.
I am new to Citrix Xenapp 7.6 and trying to understand the work flow. I am a Xenapp admin and have no exposure to Xendesktops. Can you help me please ? I have been searching articles related to it but in vain.
Hi Andrzej,
I have the same question “why there are 2 times authentication taking place.. Step 2 “The authentication service of StoreFront fetches the user credentials and validates them with a domain controller” Again in step 5 the “xendesktop controller validates the user credentials with the domain controller”.
Regards
Rahul
Hi Rahul, the difference between the 2 is this: Storefront takes the user credentials (during initial login) and it’s authentication service communicates with a Domain Controller & AUTHENTICATES it. Once Authenticated, Storefront then passes the information to a Delivery Controller, via an XML query. The Delivery Controller takes this and VERIFIES details with a Domain Controller. This step is Not authentication, as here the policies and membership of the authenticated user is checked and verified. Hope this clears things for you.