I thought that at first, but it is allowing some cookies - if it blocked all cookies you'd get a different message in WI. From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Greenberg Sent: 11 February 2008 02:48 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: WI 4.6 - workspace control question I don't know anything about the Juniper but it seems to me that it is blocking the cookies. If it has a setting to allow cookies or even a session property such as persistence, see if it lets you set cookies to be on and/or identify the session by cookies... Steve Greenberg Thin Client Computing 34522 N. Scottsdale Rd D8453 Scottsdale, AZ 85266 (602) 432-8649 www.thinclient.net steveg@xxxxxxxxxxxxxx _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Wood Sent: Sunday, February 10, 2008 4:20 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] WI 4.6 - workspace control question I've got a 4.6 site with workspace control enabled. If I log on to the site directly workspace control works just fine as configured - I see a reconnect and disconnect button; pressing the logoff button gracefully terminates all launched published applications. Dandy. I have to enable connection to the site using a Juniper IVE 4000. If I configure simple pass through (i.e. simply present the website via the IVE) then workspace control is available and works as expected. However, if I configure the IVE for Single-Sign-On using the Forms/POST method, the reconnect/disconnect buttons disappear and the logoff operates as if workspace control is disabled. Looking through the debugs, I think the problem is rooted in cookies not being presented properly in the form based SSO. I can see the code attached to the buttons is looking for session information. Essentially, when you log on to the auth/login.aspx site (without SSO) you get a number of cookies saved e.g. WIClientInfo: Cookies_On=true&icaIsPassThrough=3&icaScreenResolution=1400x1050&clientConnS ecure=true WINGSession: icaScreenResolution=1400x1050&icaIsPassThrough=3 WINGDevice: NFuse_ClientName=WI_kw8D8f_OThh3GSeiQ And when you sign-on (without SSO): The cookies presented are: WIAuthId: 071D1A7C2521B0DFCE17CAD399067CA3 WINGSession: icaScreenResolution=1400x1050&NFuse_LogonType=Explicit&clientConnSecure=true &icaIsPassThrough=3 WINGDevice: NFuse_ClientName=WI_kw8D8f_OThh3GSeiQ You are then authenticated and directed to: site/default.aspx. Does anyone have a breakdown of where the cookies are initialized and presented as for the life of me I can't see for looking? I think that the POST form submittal process is being intercepted too early, so the form submission is going by without the cookie values being initialized. From testing the WIAuthID doesn't seem to be being created. I'm thinking I should create a dummy page that does the initialization and then does a redirect to the login page which would then be picked up by the IVE? tia. Andrew Gilwood CS Ltd Registered Office : Mount Ashbrooke, Holmland Buildings, Tunstall Road, Sunderland, UK, SR2 7RR. No. 6099397 England