Have you ever wanted to get the username and password from an authenticated user in Citrix Web Interface? I was once tasked to grab the username and password of the authenticated Citrix Web Interface user and pass those credentials along to a custom Lotus Notes web application. Using the Web Interface SDK (available at http://apps.citrix.com/cdn/sdk/webinterface_sdk.asp), I was able to get just what I needed. Here is how it’s done:

The down and dirty explanation
The first thing you’ll need to understand is the object model Citrix uses in Web Interface. Citrix provides you with a lot of base classes you can use to programmatically get the information you need. All these classes are documented in the SDK. The class we’re interested in for this example is the AccessToken class. The AccessToken class allows you to get the user’s username (but not the user’s password). To get the user’s password, you’ll need to use the PasswordBasedToken Interface. The AccessToken class implements the PasswordBasedToken interface which exposes a method called getPassword(). This method returns a string that is the user’s password. Check out the code below:

The code
<%
PasswordBasedToken pbt = null;
AccessToken ac = authGetPrimaryAccessToken();
pbt = (PasswordBasedToken)ac;

string strUsername = ac.getShortUserName();
string strPassword = pbt.getPassword();
%>

That was easy (almost too easy).
Notice the use of the authGetPrimaryAccessToken(). This is a function that Citrix gives you to get the primary access token holding the credentials the user used to authenticate to Web Interface. This function can be found at path_to_your_wi_server\site\serverscripts\authentication.cs and path_to_your_wi_server\auth\serverscripts\authentication.cs

The code placement
Ok, now you know the down and dirty explanation and the code used to get the username and password. So, where do you put this code? One place you could use is the layout.ascx file located at path_to_your_wi_server\site\include. Layout.ascx is a user control that constructs the look and feel of the Web interface page after authentication (see this article for more information). Just place the code before the tag. Now you can use the variables strUsername and strPassword wherever you like in the code.

Putting it all together
Here is the final product

Layout.ascx

<%

PasswordBasedToken pbt = null;
AccessToken ac = authGetPrimaryAccessToken();
pbt = (PasswordBasedToken)ac;
string strUsername = ac.getShortUserName();
string strPassword = pbt.getPassword();
%>

<html>
<head>
  <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
  <meta NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW, NOARCHIVE">
  <title><%=PageTitle%></title>
. . .

I hope this helps some of you out there trying to bring together disparate systems.