DEV Community

amalkabraham001
amalkabraham001

Posted on

Step-by-Step Guide to Publish Internal SaaS Applications via Citrix Secure Private Access

In this blog we are going to discuss about how to leverage Citrix Secure private access service to enable ZTNA features for SaaS/Web Applications without the need for VPN or Citrix XenApp Servers.

Publishing Internal SaaS application via Secure Private Access.

Navigate to Citrix Cloud, under my services select “secure private access”.

Image description

In the Secure private access console, click on the Applications tab.

Image description

Click on “Add an App” to initiate the application addition process.

Image description

You can either choose the pre-configured templates like deploying OWA, Service now etc. Else you can click on “Skip” to skip the templates.

Image description

Image description
In the “App details" section select the “where is the application located?” as “Inside my corporate network”.
Provide the App name, description, category, the webapp URL and also the domain name which will be used for DNS resolution. For example, if I am publishing http://mymail.amalcloud.xyz, then make sure amalcloud.xyz is configured in the related domains for DNS resolution.

Image description

Image description

You can also change the app icon, option to set the app as a favorite in the workspace app.
You can configure the authentication type in the “single sign on” section. You can use SAML, Kerberos and other authentication modes for the application to authenticate. For this blog, I am skipping the authentication and select “Don’t use SSO”.

Image description

In the “app connectivity” section, you can specify how the connectivity to the app will happen. As we are publishing internal websites, you need to select the connection type as “Internal via Connector” and provide the resource location. It is mandatory to deploy Citrix Connector appliance for making the internal websites work as the web traffic will traverse via the connector appliance to the app server.

Image description

Click Finish to complete the app publishing.

Image description

Creating the Access policies

Just by creating the app publishing, the application will not be accessed or assigned to any users. For publishing an application to the end users/groups, we need to create access policies in the Secure private access portal.

Image description
To create the access policies, click on “access policies” in the left pane and click on “Create policy”.

Image description

In the Create policy wizard, provide the policy name, description, and select the applications to be part of the rules and Click Save.

Image description

Image description

Under the policy rules, click on “create rule” to create the access policy rule. This is the place where we are publishing the application to specific end users/groups.

Image description

In the Create new rule wizard, provide the rule name and description and click Next.

Image description

In the conditions tab, select the user* as “matches any of” and select the domain. You need to search for the user/group and click Next.

Image description

Note: - For enabling additional access rules like disabling clipboard, watermark etc. need additional “SPA Advanced” license.
In the “Action” conditions tab, select “allow access” and click next. Review the settings and click finish to create the rule.

Image description
Once the rule is selected, click on save and enable the tick box “enable policy on save” to enable the policy.

Image description
You cannot access web applications via HTML5 as secure private access leverages enterprise browser to securely publish the web application. You will get the below error once you access the web application via HTML5.

Image description

Configure the workspace app using the configuration file which can be downloaded from “Workspace configuration”.

Image description

Image description
You will be able to see the web application in the workspaces client. The web application will open in the enterprise browser part of the workspaces application.

Image description
The application has opened in the enterprise browser.

Image description

Hope this blog is informative to you. Please feel free to share your feedback.

Top comments (0)