| Citrix Releases ADFS Support For Presentation Server |
| Wednesday, 12 July 2006 by Michel Roth | |||
|
Citrix recently released some updated code for Presentation Server 4.0 that lets Web Interface authenticate users via Active Directory Federation Services (ADFS). In a nutshell, ADFS lets an administrator share users’ identity information outside of their organization. Multiple organizations become part of a “federated system” with each organization having its own back-end security and identity technologies. The federated language standards describe an XML-based standard the two systems can use to communicate with each other. This would mean that you would be able to use your own account to access brianmadden domain resources. In a way this is similar to setting up a Windows domain trust relationship, except that it operates at the individual account level and doesn’t have the same security problems / requirements of setting up a domain trust. Federation is more like an open single sign on solution that works across the Internet and between systems from different vendors. Using pure Windows, ADFS can only be used to provide federated access to web applications. However, Citrix Presentation Server lets you extend this to any Windows application via ICA. To do this, you need two components from Citrix: • Hotfix PSE400R01W2K3051 for your Presentation Server(s). This hotfix requires the Hotfix Rollup Package 1 (HRP1) for PS4.) • A special version of Web Interface that has ADFS support. This is available for free from MyCitrix. It’s a unique version of WI that does not support other, non-ADFS authentication methods. The next release of WI will have ADFS authentication integrated into the full WI package. ADFS support was originally on the roadmap for the “Ohio” release of Presentation Server (estimated 4Q 2006), but Citrix made this code available today for people who need it ASAP. They’ve also created a dedicated WI+ADFS support forum on citrix.com. Read more here.
Show/Hide comment form
 |
|||
