This is where the earlier mentioned authentication token actually is built/generated - by default the StoreFront Authentication Service will take care of this.The authentication details will then be send to the StoreFront Authentication Service, which is similar to the Authentication Service of the NetScaler mentioned earlier. Next the user session and the user authentication credentials get redirected to StoreFront (based upon the configured Session Policy) where it will perform a call-back to the NetScaler (Gateway Virtual Server) that handled authentication to validate the user in the first place.Once authenticated, the NetScaler will assign a session cookie (note that it does not built/assign the authentication token as part of the initial authentication process), which will be used for any potential subsequent client requests.
Like StoreFront, the NetScaler has its own Authentication Service. This could also involve two-factor/RADIUS authentication, which is basically considered a must have/minimum these days. 636 (SSL) based upon the configured Authentication Policy. * Eventually the NetScaler will authenticate the user credentials (session ticket) against Active Directory, preferably using TCP port Nr.nFactor authentication could be configured (optional as of NetScaler 11.0 build 62.x and onwards). During the login/authentication process an EPA (End Point Analyses) scan might be performed as part of a SmartAccess/SmartControl policy, for example, or NetScaler multi-Factor a.k.a.Check the (red) link for some more detailed information around Beacons and the discovery process. Citrix Receiver uses so called Beacons to determine if a connection is internal or external and handles it accordingly. A locally installed Citrix Receiver can also be used to establish a direct connection to the NetScaler Gateway. Here he or she will fill in his or her username and password. A user opens up a web browser and connects to the external URL of the NetScaler Gateway (preferably using SSL over port Nr.While I have written about the login, enumeration and launch processes before, again I managed to include a couple of subtle changes/details. Not only is it interesting and fun (right?) to know what is going on underneath the hood once you fill in your user credentials, it can also be very helpful when it comes to troubleshooting certain issues.
This continues to be a topic of interest.