Smart Card Authentication to Citrix StoreFront Using F5 Access Policy Manager

Before I get started into discussing the solution in the title, I wanted to preface it with a little background. Prior to June 2020, I had never had any interaction or integration experience with Cit...
Published Jul 13, 2020
Version 1.0
application delivery
BIG-IP Access Policy Manager (APM)
storefront
Steve_Lyons's avatar
Ret. Employee
My name is Steve Lyons and I reside in Tampa, FL with my 3 children, wife and Frenchie. We live the typical Florida life of swimming, fishing, boating, and BBQ. I started my F5 journey as a customer in 2009 where I was first introduced to it as a "load balancer." I have since deployed and maintained all modules realizing the BIG-IP is so much more. I joined F5 in 2015 where I have made it a personal mission to educate as many people as I can so they too can take advantage of the tremendous potential of the BIG-IP.
View Profile
Steve_Lyons's avatar
Ret. Employee
My name is Steve Lyons and I reside in Tampa, FL with my 3 children, wife and Frenchie. We live the typical Florida life of swimming, fishing, boating, and BBQ. I started my F5 journey as a customer in 2009 where I was first introduced to it as a "load balancer." I have since deployed and maintained all modules realizing the BIG-IP is so much more. I joined F5 in 2015 where I have made it a personal mission to educate as many people as I can so they too can take advantage of the tremendous potential of the BIG-IP.
View Profile
Mattias_Jansso1's avatar
Mattias_Jansso1
Icon for Nimbostratus rankNimbostratus
Sep 11, 2020

Yes, that was in the beginning of our labs. It seems like the browser knows the client detection state already.

In my world the authentication method proposed from the storefront server should be negotiate (kerberos) so that the kerberos delegation should kick in. But this is all very confusing.

I think we will take this with Citrix support and then contact F5 support for assistance