eG Help

The Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorization between Identity Providers (IdP) and Service Providers. Users authenticate to a SAML Identity Provider and are automatically logged on when they access their stores. SAML authentication enables the users to directly log into the corporate network, without the need to go through Citrix Gateway everytime. With the integration of SAML authentication through StoreFront, administrators can allow users to, for example, log on once to the corporate network and then get single sign-on to the published apps. The authentication requests from users are sent as security tokens to the Citrix Gateway. The Citrix Gateway acts as a service provider when the SAML authentication is chosen as one of the methods to authorize the StoreFront users. The security tokens are serialized before sending them to the target StoreFront for authorization so as to prevent user details from being stolen. Then, the serialized tokens are deserialized at the target StoreFront server to authorize the users to access the published applications. If a significant delay occurs during serialization and/or deserialization of security tokens, users will experience delay when logging into the StoreFront server. This will degrade the user experience with the StoreFront server. To prevent such unpleasant events, administrators should continuously track how quickly the serialization and deserialization calls are serviced by the target StoreFront server. For this purpose, administrators can use the CtxSFSamlTokenTest test.

Using this test, administrators can determine how quickly the serialization and deserialization calls were serviced. In addition, the time taken for serializing and deserializing the security tokens can also be measured. These metrics will help the administrators to find out where exactly the user authentication process is delayed-is it during serialization? or during deserialization?

Outputs of the test : One set of results for the Citrix Storefront server being monitored.

Measurement	Description	Measurement Unit	Interpretation
Token_Serialize_Calls	Indicates the number of serialization calls processed by the target StoreFront server per second.	Calls/sec
Token_Serialize_Avg_Time	Indicates the average time taken by the target StoreFront server to process the serialization calls.	Secs	A low value is preferred for this measure.
Token_Deserialize_Calls	Indicates the number of deserialization calls processed by the target StoreFront server per second.	Calls/sec
Token_Deserial_AvgTime	Indicates the average time taken by the target StoreFront server to process the deserialization calls.	Secs	A low value is preferred for this measure.