Web Interface Working procedure

In a Microsoft Windows environment, Web Interface works with Internet Information Services
(IIS) to provide users with access to published resources. Users will use a standards based
Internet browser or the Citrix Receiver to access their resources.
A Web Interface (WI) server will have one or more XenApp Web sites or XenApp Services sites
configured. Each site will be configured for one or more XenApp farms. Each XenApp farm will
have one or more XML Brokers listed to handle user authentication and resource enumeration.
Once a user has been authenticated and selects a published resource, the Zone Data Collector
(DC) is contacted. The DC determine s if the user has an existing session on the server hosting
the published resource and if a session exists, that session is reused (called Session Sharing). If
the user does not have an existing session, a session is created and the published resource is
started.
The XML Broker will also request a session ticket from the Secure Ticket Authority (STA). The
STA is responsible for issuing session tickets in response to the request to connect to the
published resources. These session tickets form the basis of authentication and authorization for
access to the published resources.
A Web Interface server is normally placed in a DMZ; however, it may be placed inside the
corporate network. Web Interface requires no XenApp components to be installed. A Web
Interface server is not typically a member of a XenApp farm, nor is it typically a member of an
Active Directory domain. However, in the smallest of networks, it is possible and common for
Web Interface to be deployed on a XenApp farm member and/or on a member of an Active
Directory domain.
First, lets stop, take a step back and review some basics.
What is a XenApp farm? A XenApp farm is a group of XenApp servers that can be
managed as a unit, enabling the administrator to configure features and settings for the
entire XenApp farm rather than being required to configure each server individually. All
the servers in a farm share a single data store.What is a data store? The data store provides
a repository of persistent information about the farm that each server can reference,
including the following:

Farm configuration information,

Published resource configurations,

Server configurations,

XenApp administrator accounts,

Printers,

Printer drivers,

Policies,

Load Evaluators, and

Folders.

What is a Zone? A Zone is a logical grouping of XenApp servers that share a common zone
data collector. Zones allow the efficient collection of dynamic farm information. Each zone
in a farm has exactly one data collector. All of the member servers in a particular zone
communicate their dynamic information to the data collector for their zone.
What is a zone data collector? A zone data collector is a server that stores and manages
dynamic information about the XenApp servers in a zone, including:

Published resource usage,

Server load,

User sessions,

Online servers,

Connected sessions,

Disconnected sessions, and

Load balancing information.

The data collector shares this information with all other data collectors in the XenApp
farm.
All XenApp servers in the farm use the Independent Management Architecture (IMA)
service and protocol in server-to-server communication. IMA also is used by the Access
Management Console or the Delivery Services Console or AppCenter (depending on the
version of XenApp used) to allow XenApp farm administrators to manage and configure
various XenApp farm and server settings.
What is an XML Broker? The Citrix XML Broker functions as an intermediary between the
XenApp servers in the XenApp farm and the Web Interface. When a user authenticates to

the Web Interface, the XML Broker:

Receives the users credentials from the Web Interface and queries the XenApp
farm for a list of published resources that the user has permission to access. The
XML Broker retrieves this application set from the IMA system and returns it to the
Web Interface.

Upon receiving the users request to launch a resource, the DC locates the servers in
the farm that host this application and identifies which of these is the optimal server
to service this connection based on several factors. The DC returns the address of
this server to the Web Interface.

The XML Broker is a function of the Citrix XML Service. By default, the XML Service is
installed on every server during the XenApp installation process. Multiple XenApp servers
can have their XML Service specified in Web Interface to allow those servers to function as
a XML Broker. The XML Service on the other farm servers still runs but is not used for
servicing end-user connections.
The Secure Ticket Authority is also installed on every XenApp server.
For most small to medium sized XenApp farms, one XenApp server is dedicated to be the
Zone Data Collector, XML Broker and STA server. In some large XenApp farms, it may be
necessary to dedicate a XenApp server for each of the three roles.
Dedicating a XenApp server for each role is easy to do. You would have three XenApp
servers with no end-user applications installed. In the Zone settings for the farm, you would
configure one of the servers as the Most Preferred data collector and the other two as
Preferred data collectors. The server to be dedicated as the XML Broker would only be
used when an XML Broker needs to be entered. The server to be dedicated as the STA
server would only be used when an STA server needs to be entered.

Figure 1 illustrates the interaction between Web Interface and other servers in a XenApp farm.

Figure 1
Figure 2 shows some of the steps involved in the Web Interface process.
Figure 2
Step
1

Action
A user connects to a Web Interface server
from any device that has Citrix client
software installed.

The user enters their credentials on the login

page.

The web server reads the users credentials

and forwards the credentials to the Citrix
XML Service on the servers listed in the
server farms.

Graphic

If the users credentials are not valid, return

to Step 2. If the users credentials are valid,
the Citrix XML Service retrieves a list of
resources from the XenApp servers the user
has permission to access. This list of
resources is called the users resource set.
The Citrix XML Services returns the
resource list back to the Web Interface
server.
The Web Interface server builds a custom
HTML web page consisting of the resources
the user has permissions to run.
The user clicks one of the published resource
icons.

The Citrix XML Service locates a server in

the required farm that has an existing session
for the user and the settings for the resource
being launched match the settings for the
resources running in the existing session. If
those conditions match, the Citrix XML
Service requests a session ticket and returns
the servers IP address and session ticket to
the Web Interface server. If those conditions
are not met, the Citrix XML Service requests
a session ticket from the least-busy server
and returns the servers IP address and
session ticket to the Web Interface server.
Web Interface creates a custom launch.ica
file and sends the file to the users Citrix
client.

The Citrix client software receives the file

and initiates a session with the server
specified in the file.

10

The published resource runs on the XenApp

server and is displayed on the end-user
device.