Appendix 3: Add enhanced request support to Netscaler
  • 02 Aug 2019
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Appendix 3: Add enhanced request support to Netscaler

  • Dark
    Light
  • PDF

Enhanced request

If the user is not yet authenticated, while Netscaler is configured to handle the authentication, then the first enhanced launch will fail. This is as Netscaler will not redirect the user back to the StoreFront deep link after authentication, and the user will be shown the store portal.

To fix this, an additional policy must be configured on the Netscaler to allow the custom scripts.js to read the contents of the NSC_TASS cookie which contain the original request url. Follow the following steps to add the rewrite policy:

On the Netscaler, navigate to the virtual server that is hosting the Citrix StoreFront. There on the bottom of the overview page, add a policy with the policy type “Rewrite” / “Response”.

add enhanced-1

Click on the “Add” button behind the select policy combo box, use the following information:
• Name: ENHANCED_REQUEST_POLICY
• Expression: HTTP.REQ.COOKIE.VALUE("NSC_TASS").LENGTH > 1

Click on the “Add” button behind the Action and fill in the following information:

add enhanced-2

• Name: ENHANCED_REQUEST_ACTION
• Type: INSERT_HTTP_HEADER
• Header Name: Set-Cookie
• Expression: "ENHANCED_REQUEST=" + HTTP.REQ.COOKIE.VALUE("NSC_TASS") + "; Path=/"
Click after that on the create button to add the new action to the policy. If rewrite is not enabled, a message box will appear that will ask if it should be enabled.

add enhanced-3

Set the "Goto Expression" to "NEXT". Click on the bind button to add the new policy to the virtual server.

add enhanced-4

The NCS_TASS cookie will be set by Netscaler if authentication is required based on the referral. But this only happens when the cookie is not pressent. This will cause issues with sessions that are expired, as the authentication will be redone, but the cookie content will not be updated. To work around this, a new rewrite policy can be added that will remove this cookie after the policy above has copied the contents to the ENHANCED_REQUEST cookie.

On the Netscaler, navigate to the virtual server that is hosting the Citrix StoreFront. There on the bottom of the overview page, add a policy with the policy type “Rewrite” / “Response”.

Click on the “Add” button behind the select policy combo box, use the following information:
• Name: CLEAR_NCS_TASS_POLICY
• Expression: HTTP.REQ.COOKIE.VALUE("NSC_TASS").LENGTH > 1

Click on the “Add” button behind the Action and fill in the following information:

• Name: CLEAR_NCS_TASS_ACTION
• Type: INSERT_HTTP_HEADER
• Header Name: Set-Cookie
• Expression: "NSC_TASS=;HttpOnly;Path=/;Secure;expires=Wednesday, 09-Nov-1999 23:12:40 GMT"
Click after that on the create button to add the new action to the policy.

Make sure the priority is higer then the binding for ENHANCED_REQUEST_POLICY. Set the "Goto Expression" to "NEXT". Click on the bind button to add the new policy to the virtual server.


Was this article helpful?