Question on XML Broker and Web Interface


Our environment is PS 4.5 on Windows 2003. We have a Web Interface and several PS 4.5 servers.

From what I understand from reading, the process of someone connecting to the farm is:

1. Access Web Interface URL and authenticate
2. WI will contact the XML Broker service to determine which apps the user has permissions to see
3. The XML broker queries the Datastore for this information
4. When the user selects an app, an ICA file is sent to the user
5. Client downloads ICA file and creates an ICA connection

I had some questions on this process I was hoping someone could help me with:

a) When the WI contacts the XML Broker service, I understand that this service can run on any server in the farm, although it can be prioritised. Is this correct?

b) If the WI was held in a DMZ and the PS servers in a LAN, is there any way to restrict which servers the WI can query the XML Broker service on

c) When the ICA file is sent to the user once they decide on an application they want, which server is this ICA file actually sent from?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

A. Since Citrix 4.0, you can use any XenApp server as an XML broker as long as the WI can contact it.  I say "can contact it" because WI's can be in a DMZ and the XenApp servers can be on the intranet so you need ports open from WI to XMLs.  As for prioritized, I don't believe so from a WI.  It can be load balanced, so you specify 2+ XML brokers in the WI and it will load balance between them and if 1+ become available it won't try that XML server again for a specificied amount of time.
B.  Yes, in the WI you can specify which servers will act as XML brokers.
C. The ICA file (launch.ica) is sent from the WI they contacted.
So, (and you stated most of this):
1. User contacts WI (directly or hits load balancer) via port 80 or 443 (depending on what you have configured) and authenticates).
2. Credentials are sent from WI to XML broker (XML brokers you specified and are load balanced).
3. XML broker verifies cerdentials with Active Directory and on success queries the ZDC for the applications the user has access to.
4. The XML broker sends the available applications to the WI and the WI displays the applications to the user.
5. Once the user clicks on the application, the WI sends that request to the XML broker and the XML broker queries the ZDC to see what server they should be directed to.
6. Once it has that information, it sends the ICA file to the WI and the WI forwards that onto the user.
7. User receives the ICA file and the local client launches using the settings in the ICA file.
Let me know if you have questions...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Carl WebsterCommented:
How the Web Interface works with pictures:

a) Any XenApp server with the XenApp component installed can be used as the XML Broker.  Preferred is to use the server acting as your zone data collector.

i.e. A server with just Web Interface or just Citrix Secure gateway or just CSG/WI installed, cannot be an XML Broker.

b) Yes, the same as in "a".  Just enter the server or servers with XenApp installed that you want to use.

c) The ica file is delivered from the WI server the user connected to.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.