Forum Discussion

Dusty_Camp's avatar
Icon for Altocumulus rankAltocumulus
Jan 25, 2024

Citrix Storefront with Chromebook Receiver App

Hey, everyone. I'm slamming my head against a wall on this one. I have Citrix Storefront deployed through the iApp f5.citrix_vdi.v2.4.6. It's been a nightmare getting it to work with my environment, but I have it mostly working. Everything works flawlessly through the Citrix Receiver app and through a browser for Windows and Mac machines. For Chromebooks it only works through a browser. I've isolated this down to the iRule that is created in the iApp, which I will post below. 

The entire iRule is dependent upon discovering the client type that starts with "citrix," but for some unknown, ridiculous reason the Chromebook Citrix Workspace application comes in with a client type of "none." I've tried modifying the rule to recognize "none" and even just a blank string of "" but it doesn't seem to work. The iRule is responsible for the storename URI redirect or placement and it also keeps track of the session to avoid random logouts. The only reason I know that last part is if I remove this rule and add a rule that just redirects all requests to the URI of /Citrix/MYSTORENAME I am able to login on the Chromebook app but it times out after 20 minutes and kicks me off even if I'm actively doing something in the session. Any thoughts on how I can get this thing to recognize the ChromeOS Citrix app? 


    set citrix_logout 0
    set type [ACCESS::session data get session.client.type]
    if { !($type starts_with "citrix") } {
        set storeWebName "/Citrix/MYSTORENAME/"
        set http_uri [HTTP::uri]
        if { $http_uri == "/cgi/logout" } {
            if { "ACCESS::session remove" != "" } {
               ACCESS::respond 302 Location /vdesk/hangup.php3
            } else {
               ACCESS::respond 200 content "Logoff is successful.\r\n" Connection close
        if { $http_uri == "/" || ($citrix_logout eq 0 && $http_uri ends_with "login.aspx") } {
            log local0. "For [HTTP::uri] Redirecting to $storeWebName"
            ACCESS::respond 302 Location "https://[HTTP::host]$storeWebName"
        } elseif { $http_uri contains "Logoff" } {
            set citrix_logout 1
        } elseif { $citrix_logout eq 1 && $http_uri ends_with "login.aspx" } {
            set citrix_logout 0
            ACCESS::respond 200 content "Logged out\r\n" Connection close
            ACCESS::session remove

5 Replies

  • I believe ChromeOS apps are interpreted javascript via Webkit, so they rely on the browser to do all of the network calls. Since this use case on APM relies (as you've found) on user-agent to figure out if the client is citrix or a browser, it won't work as intended because the citrix app and the browser's requests look the same to the server. 

    Google has basically deprecated native ChromeOS apps though. I wonder if you could use the Android version, as mentioned in this Citrix blog post from a few years ago:



    • Dusty_Camp's avatar
      Icon for Altocumulus rankAltocumulus

      I didn't get a notification on this response so I apologize about the late reply from me. Interesting to hear that about Google and native ChromeOS apps. I honestly don't understand why we're using the app anyway. It literally looks the exact same as the browser. Same exact experience so what's the point? 

      What I find really odd is that this all works through a Netscaler just fine. I've reviewed the configs and it's not doing anything differently than me. Identifying the session's client type and then applying rules based on that. The Netscaler basically treats the Chromebook app like a browser. I do that same thing and it doesn't work. The only issue I have left is the 20 minute timeout, which I just realized is happening in a browser as well. Makes sense because I'm treating the ChromeOS app and a browser the same way. 

    • Dusty_Camp's avatar
      Icon for Altocumulus rankAltocumulus

      Also, I think Google must have changed their mind on native ChromeOS apps because this one we're running was released in December of 2023. I wish that weren't the case though!

      • Lucas_Thompson's avatar
        Icon for Employee rankEmployee

        Sounds like it's probably time to make a support ticket. The support engineering teams should be able to characterize the issue.

  • I ended up fixing this with some alternative solutions. The Chromebook JSON file has a predefined URL in it that is pushed out to our machines automatically. To fix the initial login issue I just had the JSON file updated to include the full URI /citrix/mycompanyworkspace. Then to fix the timeout issue I had to change the idle timeout on Storefront. I could have just used the option in the iApp to NOT remove all sessions when logged off, but I thought that was a bit silly. If Citrix times out and says you're no longer authenticated I don't want a session to remain open in another window. Now, both windows stay open.