citrix techedge 2014 - understanding and troubleshooting authentication flow in xm enterprise...
DESCRIPTION
This session will cover how Worx Home user authentication and communication flow works and what tools can be used for troubleshooting common authentication issues.
What you will learn:
- XenMobile Enterprise authentication flow
- How Single Sign-on works between NetScaler Gateway and App Controller
- How "Step up" authentication works for WorxMail and WorxWeb
TRANSCRIPT
© 2014 Citrix. Confidential.1
TechEdge 2014
How to protect against Top Web Security Issues with NetScaler
OWASP
www.owasp.org
Top Web Application Security Vulnerabilities
The world’s most advanced cloud networking platform
#1 Injection
Injection Preventions
Signatures
#2 Authentication/Session Management
AAA
Cookie Protections
SSL/TLS
#3 Cross-Site Scripting
XSS
XSS Preventions
Signatures
#4 Insecure Direct Object References
#5 Security Misconfiguration
#6 Sensitive Data Exposure
#7 Missing Function Level Access Control
#8 Cross-site Request Forgery (CSRF)
#9 Using vulnerable components
#10 Unvalidated Redirects and Forwards
Feedback
Please tweet about this session
#SYN607 and #CitrixSynergy
Andrew @NStipster
Lucas @NS_Informer
NetScaler @netscaler
WORK BETTER. LIVE BETTER.