I recently had the pleasure of working on a Citrix 5.0 implementation and I wanted to share a few things that I learned during that setup.  As many of you know, there are two deployment guides that have been made available by F5 Networks in regards to setting up Citrix Presentation Server 4.5 in TMOS versions 9.x and 10.x.  They are excellent guides and the best thing about them is that you can utilize those guides to assist you in deploying Citrix XenApp 5.0, with a few exceptions of course.  Those exceptions are what I will be covering in this tech tip.

Both of the previously mentioned deployment guides discuss editing files on the Citrix farms Web Interface servers so that it looks for the client IP address in the X-Forwarded-For HTTP header.  Otherwise, every connection will appear to be originating from the BIG-IP LTM and not from its true IP.  After reading both guides and looking at my current environment I was dismayed to find that the files and locations mentioned were no longer valid.  I then turned to my top three resources on the web in the search for an answer: AskF5, DevCentral and Google. 

I struck out on the first two (which seldom happens) but my Google search did turn up some interesting results on the Citrix Forums.  I finally found some code posted by Sam Jacobs back in August 2009 that modifies the way the Citrix farm looks up the client IP address.  His method allows for the use of the X-Forwarded-For header.

The first file that you will want to find and edit is the Include.java file.  You will want to locate and change this file on every Web Interface XenApp server in the farm.  Speaking from experience, save a copy of the original file to a safe location such as your desktop or flash drive.  DO NOT copy the file and rename the original to Include.old and leave it on the server.  It may sound crazy, but doing that will not work.  I’m not a programmer, so I cannot tell you why that will not work, but I can tell you I know for a fact it will not.  That being said, here is the file path for the Include.java file:

“\Inetpub\wwwroot\Citrix\XenApp\app_code\PagesJava\com\citrix\wi\pageutils\Include.java”

Now that you have found the file, open it up with a text editor (I use Textpad) and find the Java routine named “getClientAddress”.  Replace the code for that routine with the code listed below.

public static String getClientAddress(WIContext wiContext) {
String ageClientAddress = AGEUtilities.getAGEClientIPAddress(wiContext);
String userIPAddress = wiContext.getWebAbstraction().getRequestHeader("X-FORWARDED-FOR");
if (userIPAddress == null) {
userIPAddress = wiContext.getWebAbstraction().getUserHostAddress();
}
return (ageClientAddress != null ? ageClientAddress : userIPAddress);
}

Save the file and wash/rinse/repeat this step on every Web Interface server in the farm.  The next thing that you will want to do is to modify the login page so that it displays the client IP address being obtained from the X-Forwarded-For header.  The file you will want to edit is called “loginView.ascx” and can be found in the following file path on your Web Interface Servers:

”\inetpub\wwwroot\Citrix\XenApp\app_data\include\loginView.ascx”

The code you will want to add is:

Client IP: <%= com.citrix.wi.pageutils.Include.getClientAddress(wiContext) %>

I added the code directly below the LoginPageControl viewControl line and it works well for me.  Save the file and repeat this step on every Web Interface server in the farm and reboot each Web Interface Server after you are done. 

That’s it!  Well, you do have to complete the other setup steps listed in the deployment guide that you are using, but after that your farm will be ready for business!  I am aiming to develop some custom monitors for the Web Interface Server and for the XML Broker Servers over the next few weeks.  Once I have those done I will put them out in the forums for the community enjoy.

-naladar

Comments on this Article
Comment made 01-Mar-2010 by jlooney3 0
Hello naladar. Thanks very much for the post! I have not tried your suggestions yet but will as time permits. Looks great. -Jim
0
Comment made 10-Mar-2010 by O-Dub-F5-King 0
Thanks for your post mate! I've been hunting for this. I even asked an F5 consultant who came into the office, and it looks like they don't have the healthiest relationships with Citrix so to find code that fixes stuff, is easier said than done. So...nice one! Testing it now.
0
Comment made 10-Mar-2010 by datka1 0
We are in process of deploying WI through F5 , we are trying to assign custom monitors for the Web Interface, i would appreciate if you could post your finding on creating custom F5 monitor for WI.

Thanks
David
0
Comment made 11-Mar-2010 by hoolio 2365
Nice info, naladar!

If you're using the client IP parsed from the X-Forwarded-For header for anything other than reporting, it would make sense to have LTM remove any previous X-Forwarded-For instances by setting the HTTP profile option to: 'Request Header Erase: X-Forwarded-For'.

Aaron
0
Comment made 17-May-2012 by JH 0
Anyone tried this with a 5.4 web interface, or xenapp 6.5?
The moment I edit the include.java file and save we get a down WI.

Internal Error
The Web site is experiencing technical difficulties. We apologize for any inconvenience.
The internal error may only be temporary. Try reconnecting and, if the problem persists, contact your system administrator

A restart doesn't help. There is Citrix article http://support.citrix.com/article/CTX126933
that is no good either.

Already have a ticket open... but the first thing they pointed me to was this artice. At first I thought I might have a backed version of that file.... I didn't.

The best part? You have to "repair site" to get the WI working again... not what that Citirx article says... just WI Manager, maintenance, repair site.
0
Comment made 17-May-2012 by JH 0
Update, So, if you use the include.java code in the Deployment Guide Here:
http://www.f5.com/pdf/deployment-guides/f5-citrix-xenapp-dg.pdf
No luck

If you use the code in this Tip. Yatzee!
C
0