I recently had the pleasure of working on a Citrix 5.0 implementation and I wanted to share a few things that I learned during that setup. As many of you know, there are two deployment guides that have been made available by F5 Networks in regards to setting up Citrix Presentation Server 4.5 in TMOS versions 9.x and 10.x. They are excellent guides and the best thing about them is that you can utilize those guides to assist you in deploying Citrix XenApp 5.0, with a few exceptions of course. Those exceptions are what I will be covering in this tech tip.
Both of the previously mentioned deployment guides discuss editing files on the Citrix farms Web Interface servers so that it looks for the client IP address in the X-Forwarded-For HTTP header. Otherwise, every connection will appear to be originating from the BIG-IP LTM and not from its true IP. After reading both guides and looking at my current environment I was dismayed to find that the files and locations mentioned were no longer valid. I then turned to my top three resources on the web in the search for an answer: AskF5, DevCentral and Google.
I struck out on the first two (which seldom happens) but my Google search did turn up some interesting results on the Citrix Forums. I finally found some code posted by Sam Jacobs back in August 2009 that modifies the way the Citrix farm looks up the client IP address. His method allows for the use of the X-Forwarded-For header.
The first file that you will want to find and edit is the Include.java file. You will want to locate and change this file on every Web Interface XenApp server in the farm. Speaking from experience, save a copy of the original file to a safe location such as your desktop or flash drive. DO NOT copy the file and rename the original to Include.old and leave it on the server. It may sound crazy, but doing that will not work. I’m not a programmer, so I cannot tell you why that will not work, but I can tell you I know for a fact it will not. That being said, here is the file path for the Include.java file:
“\Inetpub\wwwroot\Citrix\XenApp\app_code\PagesJava\com\citrix\wi\pageutils\Include.java”
Now that you have found the file, open it up with a text editor (I use Textpad) and find the Java routine named “getClientAddress”. Replace the code for that routine with the code listed below.
public static String getClientAddress(WIContext wiContext) {
String ageClientAddress = AGEUtilities.getAGEClientIPAddress(wiContext);
String userIPAddress = wiContext.getWebAbstraction().getRequestHeader("X-FORWARDED-FOR");
if (userIPAddress == null) {
userIPAddress = wiContext.getWebAbstraction().getUserHostAddress();
}
return (ageClientAddress != null ? ageClientAddress : userIPAddress);
}
Save the file and wash/rinse/repeat this step on every Web Interface server in the farm. The next thing that you will want to do is to modify the login page so that it displays the client IP address being obtained from the X-Forwarded-For header. The file you will want to edit is called “loginView.ascx” and can be found in the following file path on your Web Interface Servers:
”\inetpub\wwwroot\Citrix\XenApp\app_data\include\loginView.ascx”
The code you will want to add is:
Client IP: <%= com.citrix.wi.pageutils.Include.getClientAddress(wiContext) %>
I added the code directly below the LoginPageControl viewControl line and it works well for me. Save the file and repeat this step on every Web Interface server in the farm and reboot each Web Interface Server after you are done.
That’s it! Well, you do have to complete the other setup steps listed in the deployment guide that you are using, but after that your farm will be ready for business! I am aiming to develop some custom monitors for the Web Interface Server and for the XML Broker Servers over the next few weeks. Once I have those done I will put them out in the forums for the community enjoy.
-naladar