How Does Web Interface Work
In a Microsoft Windows environment, Web Interface works with Internet Information Services (IIS) to provide users with access to published resources. Users use a standards-based Internet browser or the Citrix Receiver to access their resources.
A Web Interface (WI) server will have one or more XenApp Web sites or XenApp Services sites configured. Each site will be configured for one or more XenApp farms. Each XenApp farm will have one or more XML Brokers listed to handle user authentication and resource enumeration. Once a user has been authenticated and selects a published resource, the Zone Data Collector (DC) is contacted. The DC determines whether the user has an existing session on the server hosting the published resource. If a session exists, that session is reused (called Session Sharing). If the user does not have an existing session, a session is created and the published resource is started.
The XML Broker will also request a session ticket from the Secure Ticket Authority (STA). The STA is responsible for issuing session tickets in response to the request to connect to the published resources. These session tickets form the basis of authentication and authorization for access to the published resources.
A Web Interface server is normally placed in a DMZ; however, it may be placed inside the corporate network. Web Interface requires no XenApp components to be installed. A Web Interface server is not typically a member of a XenApp farm, nor is it typically a member of an Active Directory domain. However, in the smallest of networks, it is possible and common for Web Interface to be deployed on a XenApp farm member and/or on a member of an Active Directory domain.
First, let’s stop, take a step back and review some basics.
What is a XenApp farm? A XenApp farm is a group of XenApp servers that can be managed as a unit, enabling the administrator to configure features and settings for the entire XenApp farm rather than being required to configure each server individually. All the servers in a farm share a single data store.
What is a data store? The data store provides a repository of persistent information about the farm that each server can reference, including the following:
What is a Zone? A Zone is a logical grouping of XenApp servers that share a common zone data collector. Zones allow the efficient collection of dynamic farm information. Each zone in a farm has exactly one data collector. All of the member servers in a particular zone communicate their dynamic information to the data collector for their zone.
What is a zone data collector? A zone data collector is a server that stores and manages dynamic information about the XenApp servers in a zone, including:
The data collector shares this information with all other data collectors in the XenApp farm.
All XenApp servers in the farm use the Independent Management Architecture (IMA) service and protocol for server-to-server communication. IMA is also used by the Access Management Console, the Delivery Services Console or AppCenter (depending on the version of XenApp used) to allow XenApp farm administrators to manage and configure various XenApp farm and server settings.
What is an XML Broker? The Citrix XML Broker functions as an intermediary between the XenApp servers in the XenApp farm and the Web Interface. When a user authenticates to the Web Interface, the XML Broker:
The XML Broker is a function of the Citrix XML Service. By default, the XML Service is installed on every server during the XenApp installation process. Multiple XenApp servers can have their XML Service specified in Web Interface to allow those servers to function as an XML Broker. The XML Service on the other farm servers still runs but is not used for servicing end-user connections.
The Secure Ticket Authority is also installed on every XenApp server.
For most small to medium-sized XenApp farms, one XenApp server is dedicated to be the Zone Data Collector, XML Broker and STA server. In some large XenApp farms, it may be necessary to dedicate a XenApp server for each of the three roles.
Dedicating a XenApp server for each role is easy to do. You would have three XenApp servers with no end-user applications installed. In the Zone settings for the farm, you would configure one of the servers as the Most Preferred data collector and the other two as Preferred data collectors. The server to be dedicated as the XML Broker would only be used when an XML Broker needs to be entered. The server to be dedicated as the STA server would only be used when an STA server needs to be entered.
Figure 1 illustrates the interaction between Web Interface and other servers in a XenApp farm.
Figure 2 shows some of the steps involved in the Web Interface process.