Forum Discussion
Cumulonimbusadvanced Storefront Monitor (end-to-end test)
Hi,
we have setup a Storefront VS with the standard monitor as mentioned in the deployment guide. This is working fine, but this only checks if the Logon Page is provided correctly. Now the customer wants a more detailed monitor, which also tries to logon and verifies if this is successful. I checked already how the logon is working with Firefox and Live HTTP Header plugin, but when trying to rebuild this as a monitor I didn't get this working. So my question is, is such kind of test possible and if yes how should the request look like. Or do I need an external monitor with a 2- or 3-step approach?
Thank you!
Ciao Stefan :)
7 Replies
- Matt_Dierick
Employee
Hi Stephan,
Did you use iApp for Citrix XenApp ? In the iApp, there is an advanced monitor for the WebI (should work with the SF).
In this monitor, you specify, FQDN, user, password, apps retrieve.
The iApp does use credentials in the monitor specifically created for the xml broker/DDC server pool; however, the monitor created for the storefront or Web interface servers does not. The monitor for web servers (sf/wi servers) only verifies initial landing page is being returned. While this configuration separately checks each essential service, it does not verify communication from the storefront server to the DDC/XML broker is healthy.
Creating a monitor that verifies storefront Web services along with ddc/xml broker authentication and enumeration services are healthy from a storefront server perspective is going to be a challenge. During initial connection, the storefront server issues cookies and CSRF tokens to identify clients and validate subsequent posts. In order to send an accepted authentication post to the sf servers, the CSRF token and cookie issued by the sf server will need to be captured and included in the post.
- Stefan_Klotz
Hi Matthieu, Greg,
thank you for your quick response. No I didn't used the iApp, but the deployment guide. We also use the mentioned advanced monitor against the XML-Broker pool which is working fine, but we are looking to have such kind of test from a SF perspective.
During initial connection, the storefront server issues cookies and CSRF tokens to identify clients and validate subsequent posts. In order to send an accepted authentication post to the sf servers, the CSRF token and cookie issued by the sf server will need to be captured and included in the post.
This I also had already in mind, means creating an external monitor, which makes an initial request towards the login page and capture the required token/session cookies/headers. Then make a second request with these variables and include the credentials as well.
I was just asking if there is maybe a more easier way available, but seems not. But do you know, which cookies/headers are mandatory for the SF to simulate a successful login?
Thank you!
Ciao Stefan :)
- Stefan_Klotz
Hi again,
please find below an extract from my external monitor script (sorry if the syntax is not optimal, I'm not a bash expert):
Make a request to the Logon Page to get the ASP-SessionID and Csrf-Token Cookie set curl -kfNsg -c /config/monitors/sf-test_cookies.txt -X POST https://[${ip}]/Citrix/storeWeb/Home/Configuration -H "Host: 10.76.208.21" -H "X-Citrix-IsUsingHTTPS: Yes" -H "X-Requested-With: XMLHttpRequest" -H "Cookie: CtxsDeviceId=WR_GLofrvuW4jFhqo7B4" -H "Content-Length: 0" 2>&1 > /dev/null Extract the two IDs from the Cookie file asp_sessionid_line=$(sed -n '5{p;q;}' /config/monitors/sf-test_cookies.txt) csrf_token_line=$(sed -n '6{p;q;}' /config/monitors/sf-test_cookies.txt) asp_sessionid=$(echo "${asp_sessionid_line: -24}") csrf_token=$(echo "${csrf_token_line: -32}") Make the Logon request with the correct IDs curl -kfNsg -X POST https://[${ip}]/Citrix/storeWeb/ExplicitAuth/LoginAttempt -H "Host: 10.76.208.21" -H "X-Citrix-IsUsingHTTPS: Yes" -H "X-Requested-With: XMLHttpRequest" -H "Csrf-Token: ${csrf_token}" -H "Cookie: CtxsDeviceId=WR_GLofrvuW4jFhqo7B4; CsrfToken=${csrf_token}; CtxsPluginAssistantState=Done; ASP.NET_SessionId=${asp_sessionid}" -H "Content-Length: 88" --data "username=domain\username&password=password&loginBtn=Log+On&StateContext="But I'm getting this response:
fail sessiontimeoutAny idea what's still missing or what I'm doing wrong?
Thank you!
Ciao Stefan 🙂
Hi Stefan, I just posted an external monitor for sf here. Note it does not handle app retrieval since published apps are returned as images rather then XML for the storefront servers response. So a healthy response will verify all authentication services are functioning but does not test published application availability.
- Stefan_Klotz
Hi Greg,
well done, thumbs up!!! This monitor is now working for me, I only had to adjust one small thing.
As we are working with route domains, I was adjusting
$http://$node_ip
to
$http://[${node_ip}]
to get this monitor working.
But if I have it correctly in mind from my previous testing there is an URI available, which returns a XML-response including the assigned apps for that user. Isn't that not possible with this script? But as of now this script is much much better than the basic monitor from the deployment guide.
Thank you!
Ciao Stefan :)
- Stefan_Klotz
Hi all,
is someone using this advanced monitor with Storefront version 2.6 and if yes, are there any modifications required?
Thank you!
Ciao Stefan :)
