Richard Parmiter

Virtualisation blog and Knowledge Base

  • You are here: 
  • Home
  • Using Web Interface 5.x to send the full UPN username to a RADIUS server

Using Web Interface 5.x to send the full UPN username to a RADIUS server

Posted on September 2nd, 2009

Situation

Web Interface 5.1 (or 5.x)

Two factor authentication server is RADIUS

All user accounts use the full UPN name to login (i.e. user.name@domain.com)

Problem

By default, Web Interface does not send the full UPN username to the RADIUS server, so the two factor authentication fails.

Resolution

The following file needs to be edited to force Web Interface to send the full UPN username to the two factor authentication RADIUS server.

C:\Inetpub\wwwroot\Citrix\RADIUS\app_code\PagesJava\com\citrix\wi\pageutils\TwoFactorAuth.java

The method that requires changing is public static String getUserName(UPNCredentials token, boolean fullyQualified) at line 131

it should be changed to be:

public static String getUserName(UPNCredentials token, boolean fullyQualified) {

/*if (fullyQualified) {

return token.getShortDomain() + “\\” + token.getShortUserName();

} else {

return token.getShortUserName();

}*/

return token.getUserIdentity(); // This returns the full UPN as entered by the user

}

Web inteface 5.1 will now send the full UPN name to the RADIUS server.

References

Previous versions of Web Interface have different files that need to be edited.

Web Interface 3.x

Web Interface 4.x

  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks
  • Add to favorites
  • FriendFeed
  • Google Buzz
  • LinkedIn
  • Live
  • MySpace
  • Reddit
  • RSS

Tags: , , , , , , , ,
Filed under Citrix Web Interface, Scripts/Reg |

Leave a Reply

*