Citrix	Mobile	Meet,	Bangalore	2018
Rajneesh	Khugsal,
Android	Receiver	Team
Please	Note:	Views	expressed	are	author’s	alone,	and	not	from	Citrix.
Today’s	topics	:
Citrix Android Receiver
Citrix	Application/Desktop	Virtualization
Image	from	docs.citrix.com
Why Citrix Android Receiver? The need.
• One can use other Citrix Receivers on Android to launch sessions, but the advantage Citrix Android Receiver gives is the capability to work with client-side attached devices in sessions
• The user experience is much more native, and various form factors have been considered for ease of use
• The capability to work with Samsung DeX and second displays gives a tremendous boost to productivity with an enhanced experience
Best Practices
• Use design/architectural patterns like MVP and Clean Architecture to write an application.
• Write minimal code in an Activity, and only code related to the UI, no business logic. This is best for unit testing.
• Use ProGuard, and set android:allowBackup="false" in the Android Manifest
• Use annotations liberally, and put guarded fields behind asserts as a safety net in debug builds
• Create instrumented builds as well; they help with code coverage in automation and don't hinder release
• In the debug build config, have StrictMode enabled so that the main thread cannot hog the CPU, and remove it in release
• Material Design gives really good designs and guidelines; though a little old, it gives the UI a professional look
• When you need to return an empty collection, don't create a new one; call Collections.emptyList() or Collections.emptySet() instead. Try to mimic this behavior for your own classes as well.
• For OAuth workflows, use AppAuth for Android rather than implementing from scratch
• When having branches in GitHub, remember to use protected branches as well; this lets you control the branch much better without worrying about accidental deletes and changes
Things to avoid
• Trying to get around the Android Activity lifecycle by using hacks
• Using open source libraries that are old and not updated or maintained. If something breaks in production, you'll spend a lot of time trying to fix a problem which was not yours in the first place
• Writing your own encryption/decryption in an enterprise app, unless you are doing research in this field. Secondly, many government organizations want apps to be certified to predefined standards, and custom encryption/decryption doesn't fall in this category
• Trying to write important code in an Activity's onDestroy() function. Android doesn't guarantee it will be called, or when it would be called. Once, we were clearing the state of one of our Model Repositories in onDestroy, and it was being called at the most inappropriate time, and that too in production and never internally
References	/	Docs	/	Recommendations
• Clean	Architecture
• https://8thlight.com/blog/uncle-bob/2012/08/13/the-clean-architecture.html
• Book	- Clean	Architecture:	A	Craftsman's	Guide	to	Software	Structure	and	Design	(Robert	C.	Martin	Series)
• Citrix	Videos on	Citrix channel
• https://www.youtube.com/citrix
• To	learn	about	virtualization	and what’s	happening
• http://www.brianmadden.com/
• https://www.citrix.com/blogs/category/virtualization/
• https://docs.citrix.com/
Today's topics:
Developing Secure Authentication using Chrome Custom Tabs
Aspects Covered
• Third Party SSON and its advantages
• Architecture
• OAuth2
• Need
• Difference between OAuth and OAuth2
• Chrome Custom Tabs and benefits
• Custom Tabs Hands on
• Chrome Custom Tabs vs WebView
• Precautions
• References/Docs
• Questions
Why all this? The need.
• Enterprises/corporates have many applications that require authentication before the apps can be used. Logging in again to every app is tedious; Single Sign On (SSO) tries to address that. SAML (Security Assertion Markup Language) is an open standard that helps to address SSO
• SAML takes care of
  • Authentication - Determining that the users are who they claim to be
  • Authorization - Determining if users have the right to access certain systems or content
• SAML Provider: Server or other computer providing/consuming SAML services
• SAML Assertion: Document shared after authentication and authorization have been done
• Identity Provider: Primary objective is authentication. E.g. Salesforce, LDAP or Active Directory
OAuth
OAuth is newer than SAML, developed by Google and Twitter. It was developed in part to compensate for SAML's deficiencies on mobile platforms and is based on JSON rather than XML. OAuth only deals with authorization. OpenID Connect is an even newer standard, developed in 2014, that provides authentication services and is layered on top of OAuth. OAuth2 is what is supported by Amazon, MS, Facebook, Instagram, PayPal, Google, etc. OAuth is an open-standard authorization protocol that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the initial, single logon credential. In authentication parlance, this is known as secure, third-party, user-agent, delegated authorization.
SAML	Workflow
Reference:	Link
How OAuth Works
Let's assume a user has already signed into one website or service. The user then initiates a feature/transaction that needs to access another unrelated site or service. The following happens (greatly simplified):
1. The first website connects to the second website on behalf of the user, using OAuth, providing the user's verified identity.
2. The second site generates a one-time token and a one-time secret unique to the transaction and parties involved.
3. The first site gives this token and secret to the initiating user's client software.
4. The client's software presents the request token and secret to the authorization provider.
5. If not already authenticated to the auth provider, the client is asked to do so.
6. After authentication, the client is asked to approve the authorization transaction.
7. The user approves a particular transaction type at the first website.
8. The user is given an approved access token (not a request token).
9. The user gives the approved access token to the first website.
10. The first website passes the access token to the second as authentication proof.
11. The second website lets the first access their site on behalf of the user.
12. The user sees a successfully completed transaction occurring.
13. Kerberos works similarly. OAuth has the ability to work across the web and has wide adoption.
Please	Note:	Diagrams	are	courtesy	https://docs.spring.io/
Key Differences OAuth/OAuth2

| OAuth | OAuth2 |
| --- | --- |
| Primary flows for browser-based apps | More flows to allow better support for non-browser apps |
| Requires client apps to have cryptography and security protocols. It is transport independent and a protocol | No such need, but depends on HTTPS for security. It is a framework and not a protocol. |
| Signatures require special parsing, sorting and encoding | Signatures are much less complex |
| Typically, access tokens could be stored for a year | The access tokens are 'short lived' while refresh tokens could be long-lived |
| | Clean separation of roles between the server responsible for handling auth requests and the server handling user authorization |
| Requires client to send two security tokens for each API call, and use both to generate the signature | Signatures are not required for the actual API calls once the token has been generated. It has only one security token |
Chrome Custom Tabs and their benefits
• They have been designed keeping in mind security, speed and SAML integrations.
• In Android, a support library is present to support older versions of Android, going down to 1.6.
• Support is present for integrating flow control from browser to native app, giving a smoother look and feel while transitioning
• If native app developers use the native browser, it is a heavy context switch in comparison to CCT
• Security: the browser uses Google's Safe Browsing to protect the user and the device from dangerous sites
• Shared cookie jar and permissions model, so users don't have to log in to sites they are already connected to, or re-grant permissions they have already granted
• If the user has turned on Data Saver, they will still benefit
Please Note: Image courtesy Google Link
How	to	use	Chrome	Custom	Tab	in	Android	App
Add	Custom	Tabs	Support	Library	to	Android	Project:
In	build.gradle :
dependencies {
...
compile 'com.android.support:customtabs:23.3.0'
}
Opening Chrome Custom Tab
Inside any activity:
// Needs: import android.net.Uri; import android.support.customtabs.CustomTabsIntent;
// Use a CustomTabsIntent.Builder to configure CustomTabsIntent.
// Once ready, call CustomTabsIntent.Builder.build() to create a CustomTabsIntent
// and launch the desired Url with CustomTabsIntent.launchUrl()
String url = "https://go.citrix.com/";
CustomTabsIntent.Builder builder = new CustomTabsIntent.Builder();
CustomTabsIntent customTabsIntent = builder.build();
customTabsIntent.launchUrl(this, Uri.parse(url));

Chrome Custom Tab customizations
// Apply these to the builder before calling builder.build().
// Set Toolbar Color.
builder.setToolbarColor(colorInt);

// Set Action Button Image, Description, Action and whether the icon is tinted.
builder.setActionButton(icon, description, pendingIntent, tint);

// Set the start and exit animations.
builder.setStartAnimations(this, R.anim.slide_in_right, R.anim.slide_out_left);
builder.setExitAnimations(this, R.anim.slide_in_left, R.anim.slide_out_right);
Differences between Chrome Custom Tabs and WebView

| Chrome Custom Tabs | WebView |
| --- | --- |
| When warming up is used, the speed of launch is much faster for the page because of background load. | Speed lower than CCT, as can be seen in demo videos as well. |
| Don't allow direct manipulation of elements using exposed JavaScript interfaces, so more secure but less flexible. | Allows direct manipulation of elements using exposed Java interfaces, so less secure but more flexible. |
| CCT allows OAuth2 to be easily used for authorization and granting access tokens through the redirection field in the URL. | There have been reports where WebView is not allowing OAuth2 to work properly for many customers. Google is not allowing WebView to their OAuth2-backed APIs. |
| Customizations to the look and feel, leading to better integration with native applications. Color modification, Options Menu and Back Arrow are allowed to be modified. Animations for entry and exit are allowed. | Such customizations need to be written from scratch, as WebView is hosting the content without decorations as such. |
| The customer sees the URL they are reaching, which is not modifiable, and hence going somewhere and showing something else doesn't happen. | Such a feature is not present. Fake apps could show a different page and show a different URL to the user. |
| All Chrome Custom Tabs internal cookies are maintained by the system and not exposed, though shared under system control using the shared cookie jar. | Each WebView has its own set of cookies that are not shared with browser tabs, and they don't share state. |
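The table's security rows, together with the later advice to keep WebView for pages in your own domain, suggest a split like the one below. This is an added example, not code from the talk; the class name PortalActivity and the host portal.example.com are assumptions.

```java
import android.app.Activity;
import android.net.Uri;
import android.os.Bundle;
import android.support.customtabs.CustomTabsIntent;
import android.webkit.WebResourceRequest;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.webkit.WebViewClient;

/**
 * Hypothetical activity: the WebView renders first-party pages only;
 * every other https link is handed to a Chrome Custom Tab, where the
 * user can see the real URL and Safe Browsing applies.
 */
public class PortalActivity extends Activity {

    // Assumption: the app's own portal host. Replace with your domain.
    private static final String OWN_HOST = "portal.example.com";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        WebView webView = new WebView(this);
        setContentView(webView);

        WebSettings settings = webView.getSettings();
        settings.setJavaScriptEnabled(true);    // assumed: the portal page needs script
        settings.setAllowFileAccess(false);     // no file:// loads
        settings.setAllowContentAccess(false);  // no content:// loads
        // Deliberately no webView.addJavascriptInterface(...): exposing Java
        // objects to page script is the "less secure" row of the table.

        webView.setWebViewClient(new WebViewClient() {
            // This overload requires API level 24 or later.
            @Override
            public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request) {
                Uri target = request.getUrl();
                if (isOwnOrigin(target)) {
                    return false; // first-party page: let the WebView load it
                }
                if ("https".equalsIgnoreCase(target.getScheme())) {
                    // Third-party page (for example an identity provider):
                    // open it in a Custom Tab instead of the WebView.
                    new CustomTabsIntent.Builder().build()
                            .launchUrl(PortalActivity.this, target);
                }
                return true; // never render foreign or non-https content here
            }
        });

        webView.loadUrl("https://" + OWN_HOST + "/");
    }

    /** True only for https URLs on the app's own host. */
    static boolean isOwnOrigin(Uri uri) {
        return "https".equalsIgnoreCase(uri.getScheme())
                && OWN_HOST.equalsIgnoreCase(uri.getHost());
    }
}
```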
Hands on with OAuth2 with AppAuth and Google API
• Open the link: https://codelabs.developers.google.com/codelabs/appauth-android-codelab/index.html. Step-by-step instructions are given on how to do the authorization and use Google APIs for the user. It's easy but takes a bit of time to get things done.
• Some of the things to remember:
  • Client ID is specific to the app being written and is linked with the app developer's Google account. This is so that Google can be sure the right application is talking to it, and later it can revoke the auth token if needed in future.
  • For starting, one can avoid the Managed Configuration (in the above steps), as it's not necessary to understand the concept
  • Two endpoints are used: one for the auth endpoint and a second for the token endpoint.
  • The redirect URI is of the form
    Uri redirectUri = Uri.parse("com.google.codelabs.appauth:/oauth2callback");
  • This redirectUri corresponds to the custom scheme registered in the AndroidManifest.xml
<activity android:name="net.openid.appauth.RedirectUriReceiverActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="com.google.codelabs.appauth"/>
    </intent-filter>
</activity>
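The points above, put together as an authorization-code flow with AppAuth, which opens the login page in a Custom Tab when one is available. This is an added example, not code from the talk or the codelab: the class name LoginActivity and the client ID are placeholders, and the two Google endpoint URLs are assumptions to check against Google's current documentation.

```java
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.util.Log;
import android.widget.Button;

import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationRequest;
import net.openid.appauth.AuthorizationResponse;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.ResponseTypeValues;
import net.openid.appauth.TokenResponse;

/** Hypothetical login screen using AppAuth. */
public class LoginActivity extends Activity {
    private static final String TAG = "LoginActivity";
    private static final int RC_AUTH = 100;

    // Placeholder: the client ID issued for this app in the developer console.
    private static final String CLIENT_ID = "YOUR_CLIENT_ID.apps.googleusercontent.com";
    // Must match the custom scheme registered for RedirectUriReceiverActivity.
    private static final Uri REDIRECT_URI =
            Uri.parse("com.google.codelabs.appauth:/oauth2callback");

    private AuthorizationService authService;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        authService = new AuthorizationService(this);

        Button login = new Button(this);
        login.setText("Sign in");
        login.setOnClickListener(v -> startLogin());
        setContentView(login);
    }

    private void startLogin() {
        // The two endpoints: authorization and token (assumed Google URLs).
        AuthorizationServiceConfiguration config = new AuthorizationServiceConfiguration(
                Uri.parse("https://accounts.google.com/o/oauth2/v2/auth"),
                Uri.parse("https://www.googleapis.com/oauth2/v4/token"));

        // The builder generates a random state value and a PKCE code
        // verifier by default, so neither is set by hand here.
        AuthorizationRequest request = new AuthorizationRequest.Builder(
                config, CLIENT_ID, ResponseTypeValues.CODE, REDIRECT_URI)
                .setScopes("profile")
                .build();

        startActivityForResult(authService.getAuthorizationRequestIntent(request), RC_AUTH);
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        if (requestCode != RC_AUTH || data == null) {
            return;
        }
        AuthorizationResponse response = AuthorizationResponse.fromIntent(data);
        AuthorizationException error = AuthorizationException.fromIntent(data);
        if (response == null) {
            // User cancelled, consent was denied, or the server returned an error.
            Log.w(TAG, "Authorization failed", error);
            return;
        }
        // Exchange the one-time authorization code at the token endpoint.
        authService.performTokenRequest(response.createTokenExchangeRequest(),
                new AuthorizationService.TokenResponseCallback() {
                    @Override
                    public void onTokenRequestCompleted(TokenResponse tokenResponse,
                                                        AuthorizationException ex) {
                        if (tokenResponse == null) {
                            Log.w(TAG, "Token exchange failed", ex);
                            return;
                        }
                        // tokenResponse.accessToken is short lived; never log it.
                        Log.i(TAG, "Access token received");
                    }
                });
    }

    @Override
    protected void onDestroy() {
        authService.dispose(); // releases the Custom Tabs service binding
        super.onDestroy();
    }
}
```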
Hands	on	with	OAuth2	with	AppAuth (contd.)
Please	Note:	Image	courtesy	RFC	Link
Precautions
• The OAuth2 RFC document has been in constant revision for a good time; please keep track of it to see if new things need to be looked into, especially in the mobile space.
• The OAuth2 initial writer has recently backed out of the project, saying it's too complex and it's not the way it should have been. This is a good warning. https://hueniverse.com/oauth-2-0-and-the-road-to-hell-8eec45921529
• Facebook and Google have their own OAuth2 implementations, which are slightly different, so apps need to be written to take care of these deviations when they need integrations
• It's still a good practice to use WebView if we are directing the user to our own URL in our domain
• OAuth vulnerability: OAuth 2 relies on TLS for protection from outside. If security and SSL are not properly done, it will lead to security exploits, so be careful and forewarned. It's possible for a rogue website to phish a user's legitimate credentials during the part of the process where the user is being required to authenticate themselves to the authorization provider. For example, a user is using the first service and chooses a feature that forces an OAuth transaction to a second service. It's possible for the first website to fake the second website, where user authentication is often taking place. The rogue website can then collect the user's authentication credentials and react as if the OAuth transaction had successfully taken place. This is what happened with Google in 2017, and millions of accounts were phished.
References	/	Docs	/	Recommendations
• Enterprise	SSON	with	Chrome	Custom	Tabs
• https://www.youtube.com/watch?v=DdQTXrk6YTk
• Chrome Custom	Tab	Videos	– How	To(s)	and	details
• https://www.youtube.com/watch?v=OMSm9d9eNVU
• https://www.youtube.com/watch?v=YeTfOTUxOv4
• https://www.youtube.com/watch?v=QOxIdbNwpx0
• To	learn	about	OAuth2
• https://tools.ietf.org/html/rfc6749
• https://oauth.net/2/
• https://developers.google.com/identity/protocols/OAuth2
• https://www.slideshare.net/aaronpk/an-introduction-to-oauth-2/
• Good	Tool	shared	by	google	to	learn	about	how	OAuth2	needs	to	be	implemented	and	play	around
• https://developers.google.com/oauthplayground
• Citrix	links	to	SAML	integration	with	customer	environments
• https://support.citrix.com/article/CTX218175
• https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-9/secure/federated-authentication-service.html
Questions !
Work	Better	Live	Better	!

(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?Watsoo Telematics
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 

Recently uploaded (20)

What is Binary Language? Computer Number Systems
What is Binary Language?  Computer Number SystemsWhat is Binary Language?  Computer Number Systems
What is Binary Language? Computer Number Systems
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 

Citrix Android Receiver Team Discusses Secure Authentication

  • 4. Why Citrix Android Receiver? The need.
      • One can use other Citrix Receiver on Android to launch sessions, but the advantage Citrix Android Receiver gives is capability to work with client side attached devices in sessions
      • The user experience is much more native and various form factors have been considered for ease of use
      • The capability to work with Samsung Dex and Second Displays gives tremendous boost to productivity with enhanced experience
  • 5. Best Practices
      • Use Design Patterns/Architectural Patterns like MVP and Clean Architecture to write an application.
      • Write minimal code in Activity, and only code related to UI, no business case. Best for unit testing.
      • Use Proguard and AllowBackup=false in Android Manifest
      • Use annotations liberally, and put guarded fields behind asserts as a safety net in Debug Builds
      • Create instrumented builds as well; they help in code coverage with automation, and don't hinder release
      • In Debug Mode config, have StrictMode enabled, so that the Main thread cannot hog CPU, and remove it in release
      • Material Design UI gives really good designs and guidelines; though a little old, it gives the UI a professional look
      • When the need is there to return empty collections, don't new, rather call (use this pattern for your collections)
          • Collections.emptyList(), Collections.emptySet(). Try to mimic this behavior for your classes as well.
      • For OAuth workflows, use AppAuth for Android, rather than implementing from scratch
      • When having branches in GitHub, remember to use protected branches as well; this lets you control the branch much better without worrying about accidental deletes and changes
  • 6. Things to avoid
      • Trying to get around Android Activity Lifecycle by using hacks
      • Using Open Source libraries that are old and not updated or maintained. If something breaks in production, you'll spend a lot of time trying to fix a problem which was not yours in the first place
      • Writing your own encryption/decryption in an Enterprise app, unless you are doing research in this field. Secondly, many government organizations want apps to be certified to predefined standards, and custom encryption/decryption doesn't fall in this category
      • Trying to write important code in an Activity's onDestroy() function. Android doesn't guarantee it will be called or when it would be called. Once, we were clearing the state of one of our Model Repositories in onDestroy, and it was being called at the most inappropriate time, and that too in production and never internally
  • 7. References / Docs / Recommendations
      • Clean Architecture
          • https://8thlight.com/blog/uncle-bob/2012/08/13/the-clean-architecture.html
          • Book - Clean Architecture: A Craftsman's Guide to Software Structure and Design (Robert C. Martin Series)
      • Citrix Videos on Citrix channel
          • https://www.youtube.com/citrix
      • To learn about virtualization and what's happening
          • http://www.brianmadden.com/
          • https://www.citrix.com/blogs/category/virtualization/
          • https://docs.citrix.com/
  • 10. Why all this? The need.
      • Enterprises/corporates have many applications that require authentication before the apps can be used. Logging in again to every app is tedious; Single Sign On (SSO) tries to address that. Security Assertion Markup Language (SAML) is an open standard that helps to address SSO
      • SAML takes care of
          • Authentication - Determining that the users are who they claim to be
          • Authorization - Determining if users have the right to access certain systems or content
      • SAML Provider: Server or other computer providing/consuming SAML services
      • SAML Assertion: Document shared after Authentication and Authorization have been done
      • Identity Provider: Primary objective is Authentication. E.g. Salesforce, LDAP or Active Directory

    OAuth

    OAuth is newer than SAML, developed by Google and Twitter. It was developed in part to compensate for SAML's deficiencies on mobile platforms and is based on JSON rather than XML. OAuth only deals with authorization. OpenID Connect is an even newer standard, developed in 2014, that provides authentication services, and is layered on top of OAuth. OAuth2 is what is supported by Amazon, MS, Facebook, Instagram, Paypal, Google, etc.

    OAuth is an open-standard authorization protocol that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the initial, single logon credential. In authentication parlance, this is known as secure, third-party, user-agent, delegated authorization.
  • 12. How OAuth Works
    Let's assume a user has already signed into one website or service. The user then initiates a feature/transaction that needs to access another unrelated site or service. The following happens (greatly simplified):
      1. The first website connects to the second website on behalf of the user, using OAuth, providing the user's verified identity.
      2. The second site generates a one-time token and a one-time secret unique to the transaction and parties involved.
      3. The first site gives this token and secret to the initiating user's client software.
      4. The client's software presents the request token and secret to the authorization provider.
      5. If not already authenticated to the auth provider, the client is asked to do so.
      6. After authentication, the client is asked to approve the authorization transaction.
      7. The user approves a particular transaction type at the first website.
      8. The user is given an approved access token (not a request token).
      9. The user gives the approved access token to the first website.
      10. The first website passes the access token to the second as authentication proof.
      11. The second website lets the first access their site on behalf of the user.
      12. The user sees a successfully completed transaction occurring.
      13. Kerberos works similarly. OAuth has the ability to work across the web and has wide adoption.
    Please Note: Diagrams are courtesy https://docs.spring.io/
  • 13. Key Differences OAuth/OAuth2
      • OAuth: Primary flows for browser based apps
        OAuth2: More flows to allow better support for non browser apps
      • OAuth: Requires client apps to have cryptography and security protocols. It is transport independent & a protocol
        OAuth2: No such need, but depends on HTTPS for security. It is a framework and not protocol.
      • OAuth: Signatures require special parsing, sorting and encoding
        OAuth2: Signatures are much less complex
      • OAuth: Typically, access tokens could be stored for a year
        OAuth2: The access tokens are 'short lived' while refresh tokens could be long life
      • OAuth2: Clean Separation of roles between server responsible for handling auth requests and server handling user authorization
      • OAuth: Requires client to send two security tokens for each API call, and use both to generate the signature
        OAuth2: Signatures are not required for the actual API calls once the token has been generated. It has only one security token
    Please Note: Diagrams are courtesy https://docs.spring.io/
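The signature rows of the comparison above, made concrete. This is an added example, not code from the deck: it builds an OAuth 1.0 HMAC-SHA1 signature as defined in RFC 5849 (percent-encode, sort, join, sign with both secrets) and, next to it, the single bearer header OAuth2 sends per RFC 6750. The class name, URL, keys and tokens are constructed placeholders.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Locale;
import java.util.Map;
import java.util.StringJoiner;
import java.util.TreeMap;

public class OAuthSigningComparison {

    // RFC 3986 percent-encoding as OAuth 1.0 requires (RFC 5849, section 3.6).
    // URLEncoder does form encoding, so three of its outputs are corrected.
    static String pct(String s) {
        return URLEncoder.encode(s, StandardCharsets.UTF_8)
                .replace("+", "%20").replace("*", "%2A").replace("%7E", "~");
    }

    // Base string: METHOD & encoded URL & encoded list of sorted, encoded parameters.
    // Simplification: one value per parameter name, URL without a query string.
    static String baseString(String method, String url, Map<String, String> params) {
        TreeMap<String, String> sorted = new TreeMap<>();
        params.forEach((k, v) -> sorted.put(pct(k), pct(v)));
        StringJoiner joined = new StringJoiner("&");
        sorted.forEach((k, v) -> joined.add(k + "=" + v));
        return method.toUpperCase(Locale.ROOT) + "&" + pct(url) + "&" + pct(joined.toString());
    }

    // HMAC-SHA1 keyed with both secrets: encoded consumer secret & encoded token secret.
    static String sign(String base, String consumerSecret, String tokenSecret) throws Exception {
        String key = pct(consumerSecret) + "&" + pct(tokenSecret);
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA1"));
        byte[] tag = mac.doFinal(base.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(tag);
    }

    // OAuth2 bearer usage (RFC 6750): one token, sent unmodified, protected only by TLS.
    static String bearerHeader(String accessToken) {
        return "Authorization: Bearer " + accessToken;
    }

    public static void main(String[] args) throws Exception {
        // Every key, token and URL below is constructed sample data.
        Map<String, String> params = new TreeMap<>();
        params.put("oauth_consumer_key", "example-consumer-key");
        params.put("oauth_token", "example-access-token");
        params.put("oauth_signature_method", "HMAC-SHA1");
        params.put("oauth_timestamp", "1500000000");
        params.put("oauth_nonce", "constructed-nonce-1");
        params.put("oauth_version", "1.0");
        params.put("status", "Hello world & more");
        String url = "https://api.example.com/1/update";
        String cs = "example-consumer-secret", ts = "example-token-secret";
        String base = baseString("post", url, params);
        System.out.println("OAuth 1.0 base string: " + base);
        System.out.println("oauth_signature: " + sign(base, cs, ts));
        // Any change to a signed parameter produces a different signature.
        params.put("status", "tampered");
        System.out.println("after tampering: " + sign(baseString("post", url, params), cs, ts));
        System.out.println("OAuth2 request header: " + bearerHeader("example-access-token"));
    }
}
```

The OAuth 1.0 signature binds the method, URL and every parameter to the two secrets, while the OAuth2 header carries nothing but the token, which is why the OAuth2 column depends on HTTPS.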
  • 14. Chrome Custom Tabs and their benefits
      • Have been designed keeping in mind security, speed and SAML integrations.
      • In Android, a support library is present to support older versions of Android going down to 1.6.
      • Support is present for handing flow control from the Browser to the Native App, giving a smoother look and feel while transitioning
      • For Native App developers, launching the Native Browser is a heavier context switch in comparison to CCT
      • Security: the browser uses Google's Safe Browsing to protect the user and the device from dangerous sites
      • Shared cookie jar and permissions model so users don't have to log in to sites they are already connected to, or re-grant permissions they have already granted
      • If the user has turned on Data Saver, they will still benefit
    Please Note: Image courtesy Google
  • 15. How to use Chrome Custom Tab in Android App
      • Add Custom Tabs Support Library to Android Project. In build.gradle:

            dependencies {
                ...
                compile 'com.android.support:customtabs:23.3.0'
            }

      • Opening Chrome Custom Tab inside any activity:

            // Use a CustomTabsIntent.Builder to configure CustomTabsIntent.
            // Once ready, call CustomTabsIntent.Builder.build() to create a CustomTabsIntent
            // and launch the desired Url with CustomTabsIntent.launchUrl()
            String url = "https://go.citrix.com/";
            CustomTabsIntent.Builder builder = new CustomTabsIntent.Builder();
            CustomTabsIntent customTabsIntent = builder.build();
            customTabsIntent.launchUrl(this, Uri.parse(url));

      • Chrome Custom Tab customizations (call these on the builder before builder.build()):

            // Set Toolbar Color.
            builder.setToolbarColor(colorInt);
            // Set Action Button Image, Description, colorTint and Action.
            builder.setActionButton(icon, description, pendingIntent, tint);
            // Set the start and exit animations.
            builder.setStartAnimations(this, R.anim.slide_in_right, R.anim.slide_out_left);
            builder.setExitAnimations(this, R.anim.slide_in_left, R.anim.slide_out_right);
  • 16. Differences between Chrome Custom Tabs and WebView
      • Chrome Custom Tabs: When warming up is used, the speed of launch is much faster for the page because of background load.
        WebView: Speed lower than CCT, as can be seen in demo videos as well
      • Chrome Custom Tabs: Don't allow direct manipulation of elements using exposed JavaScript Interfaces, so more secure but less flexible.
        WebView: Allows direct manipulation of elements using exposed Java Interfaces, so less secure but more flexible.
      • Chrome Custom Tabs: CCT allows OAuth2 to be easily used for authorization and granting access tokens through redirection field in url.
        WebView: There have been reports where WebView is not allowing OAuth2 to work properly for many customers. Google is not allowing WebView to access their OAuth2 backed APIs.
      • Chrome Custom Tabs: Customizations to the look and feel, leading to better integration with native applications. Color modification, Options Menu and Back Arrow allowed to be modified. Animations for entry and exit are allowed.
        WebView: Such customizations need to be written from scratch as WebView is hosting the content without decorations as such.
      • Chrome Custom Tabs: The customer sees the URL they are reaching, which is not modifiable and hence going somewhere and showing something else doesn't happen.
        WebView: Such feature is not present. Fake apps could show a different page and show a different URL to the user.
      • Chrome Custom Tabs: All Chrome Custom Tabs internal cookies are maintained by System and not exposed, though shared under system control using shared cookie jar
        WebView: Each WebView has its sets of cookies that are not shared with Browser Tabs and they don't share state.
  • 17. Hands on with OAuth2 with AppAuth and Google API
      • Open the link: https://codelabs.developers.google.com/codelabs/appauth-android-codelab/index.html . Step by step instructions are given on how to do the authorization and use Google APIs for the user. It's easy but takes a bit of time to get things done.
      • Some of the things to remember:
          • Client ID is specific to the app being written and is linked with the app developer's Google account. This is so that Google can be sure the right application is talking to it, and later it can revoke the auth token if needed in future.
          • For starting, one can avoid the Managed Configuration (in above steps) as it's not necessary to understand the concept
          • Two endpoints are used, one for auth endpoint and second for token endpoint.
          • The redirect uri is of the form

                Uri redirectUri = Uri.parse("com.google.codelabs.appauth:/oauth2callback");

          • This redirectUri corresponds to the custom scheme registered in the AndroidManifest.xml

                <activity android:name="net.openid.appauth.RedirectUriReceiverActivity">
                    <intent-filter>
                        <action android:name="android.intent.action.VIEW"/>
                        <category android:name="android.intent.category.DEFAULT"/>
                        <category android:name="android.intent.category.BROWSABLE"/>
                        <data android:scheme="com.google.codelabs.appauth"/>
                    </intent-filter>
                </activity>
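What the two endpoints and the redirect URI above carry, as an added example that is not code from the deck or from AppAuth. It uses only the JDK to show the authorization request, the checks applied to the callback before its code is trusted, and the token request. The endpoints, client ID and class name are placeholders, and the state parameter (RFC 6749) and PKCE (RFC 7636) are not mentioned on the slide; they are included because this is the bookkeeping a library such as AppAuth does for the app.

```java
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;

public class NativeAppCodeFlow {
    // Redirect URI is the one on the slide; endpoints and client ID are placeholders.
    static final String REDIRECT_URI = "com.google.codelabs.appauth:/oauth2callback";
    static final String AUTH_ENDPOINT = "https://auth.example.com/authorize";
    static final String TOKEN_ENDPOINT = "https://auth.example.com/token";
    static final String CLIENT_ID = "example-client-id";
    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }
    static String dec(String s) { return URLDecoder.decode(s, StandardCharsets.UTF_8); }
    static String b64url(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }
    static String randomToken(int byteCount) {
        byte[] buf = new byte[byteCount];
        new SecureRandom().nextBytes(buf);
        return b64url(buf);
    }
    // PKCE S256 challenge (RFC 7636): BASE64URL(SHA-256(verifier)).
    static String challenge(String verifier) throws Exception {
        byte[] ascii = verifier.getBytes(StandardCharsets.US_ASCII);
        return b64url(MessageDigest.getInstance("SHA-256").digest(ascii));
    }

    // Step 1: URL opened in the browser tab (authorization endpoint).
    static String authorizationUrl(String state, String verifier) throws Exception {
        return AUTH_ENDPOINT + "?response_type=code&client_id=" + enc(CLIENT_ID)
                + "&redirect_uri=" + enc(REDIRECT_URI) + "&scope=" + enc("profile")
                + "&state=" + enc(state) + "&code_challenge=" + challenge(verifier)
                + "&code_challenge_method=S256";
    }

    // Step 2: accept the callback only if it targets our redirect URI and echoes our state.
    static String codeFromCallback(String callback, String expectedState) {
        URI got = URI.create(callback), want = URI.create(REDIRECT_URI);
        if (!want.getScheme().equalsIgnoreCase(got.getScheme()) || !want.getPath().equals(got.getPath()))
            throw new SecurityException("callback does not match the registered redirect URI");
        Map<String, String> q = new HashMap<>();
        String raw = got.getRawQuery() == null ? "" : got.getRawQuery();
        for (String pair : raw.split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length == 2) q.put(dec(kv[0]), dec(kv[1]));
        }
        if (!expectedState.equals(q.get("state"))) throw new SecurityException("state mismatch");
        if (q.containsKey("error")) throw new IllegalStateException("denied: " + q.get("error"));
        String code = q.get("code");
        if (code == null || code.isEmpty()) throw new IllegalStateException("no code in callback");
        return code;
    }

    // Step 3: form body POSTed over TLS to the token endpoint.
    static String tokenRequestBody(String code, String verifier) {
        return "grant_type=authorization_code&code=" + enc(code) + "&redirect_uri=" + enc(REDIRECT_URI)
                + "&client_id=" + enc(CLIENT_ID) + "&code_verifier=" + enc(verifier);
    }

    public static void main(String[] args) throws Exception {
        String state = randomToken(16), verifier = randomToken(32);
        System.out.println("Open in Custom Tab: " + authorizationUrl(state, verifier));
        // Constructed callbacks: one genuine, one with a forged state, one for another scheme.
        String[] callbacks = {
            REDIRECT_URI + "?code=constructed-code&state=" + state,
            REDIRECT_URI + "?code=injected-code&state=forged",
            "com.example.other:/oauth2callback?code=x&state=" + state };
        for (String cb : callbacks) {
            try {
                String body = tokenRequestBody(codeFromCallback(cb, state), verifier);
                System.out.println("accepted -> POST " + TOKEN_ENDPOINT + " " + body);
            } catch (RuntimeException e) {
                System.out.println("rejected (" + e.getMessage() + "): " + cb);
            }
        }
    }
}
```

Only the first callback produces a token request; the other two are rejected before any code reaches the token endpoint.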
  • 19. Precautions
      • The OAuth2 RFC document has been in constant revision for a good time; please keep track of it to see if new things need to be looked into, especially in the mobile space.
      • OAuth2's initial writer has recently backed out of the project, saying it's too complex and it's not the way it should have been. This is a good warning. https://hueniverse.com/oauth-2-0-and-the-road-to-hell-8eec45921529
      • Facebook and Google have their own OAuth2 implementations which are slightly different, so apps need to be written to take care of these deviations when they need integrations
      • It's still a good practice to use WebView if we are directing the user to our own URL in our domain
      • OAuth vulnerability: OAuth 2 relies on TLS for protection from outside. If Security and SSL are not properly done, it will lead to security exploits, so be careful and forewarned. It's possible for a rogue website to phish a user's legitimate credentials during the part of the process where the user is being required to authenticate themselves to the authorization provider. For example, a user is using the first service and chooses a feature that forces an OAuth transaction to a second service. It's possible for the first website to fake the second website, where user authentication is often taking place. The rogue website can then collect the user's authentication credentials and react as if the OAuth transaction had successfully taken place. This is what happened with Google in 2017 and millions of accounts were phished.
  • 20. References / Docs / Recommendations
      • Enterprise SSON with Chrome Custom Tabs
          • https://www.youtube.com/watch?v=DdQTXrk6YTk
      • Chrome Custom Tab Videos – How To(s) and details
          • https://www.youtube.com/watch?v=OMSm9d9eNVU
          • https://www.youtube.com/watch?v=YeTfOTUxOv4
          • https://www.youtube.com/watch?v=QOxIdbNwpx0
      • To learn about OAuth2
          • https://tools.ietf.org/html/rfc6749
          • https://oauth.net/2/
          • https://developers.google.com/identity/protocols/OAuth2
          • https://www.slideshare.net/aaronpk/an-introduction-to-oauth-2/
      • Good Tool shared by google to learn about how OAuth2 needs to be implemented and play around
          • https://developers.google.com/oauthplayground
      • Citrix links to SAML integration with customer environments
          • https://support.citrix.com/article/CTX218175
          • https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-9/secure/federated-authentication-service.html