Build your own VPN client with the Access Gateway client API shared library


In an older blog article I explained the two different user interfaces of the NetScaler Access Gateway plug-in. As already noted in that article, my client was not satisfied with the look and feel of the software interface and asked for something more flexible and extensible (e.g., running some programs depending on whether the tunnel is up or not).

To answer this and similar requests, Citrix Access Gateway provides a client API shared library for integration with third-party applications. The shared library is in the installation folder of the client (e.g. C:\Program Files\Citrix\Secure Access Client\). The name of the library file is nscltapi.dll. It exports the following functions for use in third-party code:

  • login
  • logout
  • connected
  • setproxy

This blog post is not intended to cover every detail of the API, but to give you an overview of how you can use it to create your own solution and/or what to ask Citrix Consulting for when the need arises. Using the code snippets below, plus a few extra lines of code to make it a little prettier, it took about 20 minutes to get something basic like this:

[Figure: example of a basic Secure Access client]

The examples below are written in C#. They describe the basic steps for introducing the exported functions of the Citrix API DLL to your project. After telling your environment that unmanaged code will be used in the project with this statement,

using System.Runtime.InteropServices;

you can start importing the functions you need and use them later. In the following, the four functions and a quick example of how to use each of them are documented. I do not follow best practices on how to import a DLL into a project: I reference the library by its full path instead of importing it into the project. For your project, I suggest you do it properly :-)

Function: login

This API function is exported to let you connect to the NetScaler Access Gateway. It expects the following parameters:

  • FQDN
  • Username
  • Password

The shared library defines the function as follows:

int login(char *url, char *username, char *password)

The function returns a positive integer value indicating successful tunnel initialization (the return value is also the identifier of your VPN session), or it returns a value <= 0. The relevant error codes are listed below.

Return value    Meaning
-1              Invalid input parameters
-2              Agent is installed
-3              Agent could not be started
-4              Agent port not detected
-5, -6, -7      Sending the connection request to the agent failed
-8              Agent is upgrading
-9              The agent did not send a valid connection reply
-10             Memory allocation failure
-11             Direct connection failed because the proxy requires credentials and credential prompting in the client is disabled

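Example (C#)

// Import the native function from the Access Gateway client library.
[DllImport("C:/Program Files/Citrix/Secure Access Client/nscltapi.dll")]
private static extern int login(String url, String username, String password);
// A positive return value is the session identifier; <= 0 is an error code.
int SessionID = login("https://myagee.example.com", "David", "Citrix123");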

Function: logout

This API function is exported to disconnect the SSL VPN. It expects the following parameters:

  • SessionID
  • Flag

where "SessionID" is the value returned by the login API function and "Flag" sets how the client will disconnect. The options are:

0: silent disconnect, without prior warning
2: exit without prompt
4: logout with prompt
6: exit with prompt

The shared library defines the function as follows:

int logout(int sessionid, int flag)

On a successful disconnect the logout function returns 1; on failure it returns 0 to the calling context.

Example (C#)

[DllImport("C:/Program Files/Citrix/Secure Access Client/nscltapi.dll")]
private static extern int logout(int SessionID, int flag);
// Flag 0: silent disconnect.
int logout_flag = 0;
// 1 on success, 0 on failure.
int logged_out = logout(SessionID, logout_flag);

Function: connected

This API function is exported to check the status of the SSL VPN session. It has no parameters, and returns whether or not the Access Gateway plug-in is connected.

The expected return values are:

0: Not connected to the SSL VPN
1: Connected to the SSL VPN

The shared library defines the function as follows:

int connected()

Example (C#)

[DllImport("C:/Program Files/Citrix/Secure Access Client/nscltapi.dll")]
private static extern int connected();
// 1 = connected, 0 = not connected.
int status = connected();
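The three calls documented so far, combined into the use case from the introduction (run a program only while the tunnel is up). This is an added example, not code from the original article or from Citrix: the class name, command-line layout and 30-second timeout are hypothetical, the function names follow the article's C# calls, and ANSI marshaling with the default calling convention is assumed. The password is read at the console rather than hardcoded, and logout runs on every exit path.

```csharp
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;

static class TunnelRunner
{
    // Path and signatures as given in the article. ANSI marshaling for the
    // char* parameters and the default calling convention are assumptions.
    const string Dll = "C:/Program Files/Citrix/Secure Access Client/nscltapi.dll";
    [DllImport(Dll, CharSet = CharSet.Ansi)]
    static extern int login(string url, string username, string password);
    [DllImport(Dll)] static extern int logout(int sessionId, int flag);
    [DllImport(Dll)] static extern int connected();

    // Read the password without echo so it is not in source, argv or history.
    static string ReadPassword()
    {
        var sb = new StringBuilder();
        while (true)
        {
            ConsoleKeyInfo k = Console.ReadKey(true);
            if (k.Key == ConsoleKey.Enter) break;
            if (k.Key == ConsoleKey.Backspace) { if (sb.Length > 0) sb.Length--; }
            else if (!char.IsControl(k.KeyChar)) sb.Append(k.KeyChar);
        }
        Console.WriteLine();
        return sb.ToString();
    }

    // Hypothetical usage: TunnelRunner.exe <gateway-url> <user> <program>
    static int Main(string[] args)
    {
        if (args.Length != 3) { Console.Error.WriteLine("usage: <url> <user> <program>"); return 2; }
        Console.Write("Password: ");
        int sessionId = login(args[0], args[1], ReadPassword());
        if (sessionId <= 0) { Console.Error.WriteLine("login failed, code " + sessionId); return 1; }
        try
        {
            // Wait up to 30 s (constructed timeout) for the tunnel to report up.
            for (int i = 0; i < 30 && connected() != 1; i++) Thread.Sleep(1000);
            if (connected() != 1) { Console.Error.WriteLine("tunnel is not up"); return 1; }
            using (Process p = Process.Start(args[2])) { if (p != null) p.WaitForExit(); }
            return 0;
        }
        finally { logout(sessionId, 0); } // flag 0: silent disconnect, runs on every exit path
    }
}
```

The API takes the password as a plain char*, so it still exists in process memory as cleartext for the duration of the call; the example only keeps it out of source code and the command line.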

Function: setproxy

The setproxy function is used to set the proxy settings for the VPN connection.

The forward proxy information lives for as long as the shared library is loaded. If the shared library is unloaded while the program is running, the proxy must be set again.

It expects the following parameters:

  • proxy address
  • proxy dialog
  • authentication method

The shared library defines the function as follows:

int setproxy(char *proxy, int proxydlg, int prefermethod)

Possible formats for the proxy address are:

  1. domain
  2. ipaddress
  3. domain:port
  4. ipaddress:port
  5. domain:port:username:password
  6. ipaddress:port:username:password

Options for the proxy dialog, which enables or disables the SSL VPN client dialog for entering proxy credentials:

0: Enable the SSL VPN client prompt for proxy credentials. (Default)
1: Disable the SSL VPN client prompt for proxy credentials.

Possible methods for proxy authentication are:

0: Pick the first choice available from the list returned by the proxy. (Default)
1: Preferred authentication method BASIC
2: Preferred authentication method DIGEST
3: Preferred authentication method NTLM

The function returns 0 when setting the forward proxy information failed. This usually occurs when the proxy string is longer than the maximum of 256 bytes. A value of 1 is returned when the forward proxy information is set successfully.

Example (C#)

[DllImport("C:/Program Files/Citrix/Secure Access Client/nscltapi.dll")]
private static extern int setproxy(String proxy_address, int proxy_dialog, int proxy_method);
// Proxy in ipaddress:port form, credential prompt enabled, first offered authentication method.
int proxy_defined = setproxy("192.168.0.1:8080", 0, 0);
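Because the proxy string can carry a username and password and fails once it exceeds 256 bytes, a wrapper can check length and shape before the call and redact the password before anything is logged. This is an added example, not code from the original article or from Citrix: the class, enum and helper names are hypothetical, and ANSI marshaling (with Encoding.Default being the ANSI code page, as on .NET Framework) is assumed.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Text;

static class AgProxy
{
    const string Dll = "C:/Program Files/Citrix/Secure Access Client/nscltapi.dll";
    const int MaxProxyBytes = 256; // limit stated in the article
    enum ProxyAuth { FirstOffered = 0, Basic = 1, Digest = 2, Ntlm = 3 }

    // Signature as given in the article; ANSI marshaling is an assumption.
    [DllImport(Dll, CharSet = CharSet.Ansi)]
    static extern int setproxy(string proxy, int proxydlg, int prefermethod);

    // Accepts host, host:port or host:port:user:password. A password that
    // contains ':' is rejected by this check because the fields are ambiguous.
    static bool IsValid(string proxy)
    {
        if (string.IsNullOrEmpty(proxy)) return false;
        if (Encoding.Default.GetByteCount(proxy) > MaxProxyBytes) return false;
        string[] f = proxy.Split(':');
        if (f.Length != 1 && f.Length != 2 && f.Length != 4) return false;
        if (f[0].Length == 0) return false;
        int port;
        return f.Length == 1 || (int.TryParse(f[1], out port) && port > 0 && port <= 65535);
    }

    // Log-safe form: the password field is replaced by a marker.
    static string Redact(string proxy)
    {
        string[] f = proxy.Split(':');
        return f.Length == 4 ? f[0] + ":" + f[1] + ":" + f[2] + ":***" : proxy;
    }

    static bool Apply(string proxy, bool allowPrompt, ProxyAuth auth)
    {
        if (!IsValid(proxy)) { Console.Error.WriteLine("rejected proxy string"); return false; }
        // proxydlg: 0 = client may prompt for proxy credentials, 1 = prompt disabled
        bool ok = setproxy(proxy, allowPrompt ? 0 : 1, (int)auth) == 1;
        Console.WriteLine("setproxy(" + Redact(proxy) + ") -> " + (ok ? "set" : "failed"));
        return ok;
    }

    static int Main()
    {
        // Address from the article's example; prompt enabled, NTLM preferred.
        return Apply("192.168.0.1:8080", true, ProxyAuth.Ntlm) ? 0 : 1;
    }
}
```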

With these four functions of the NetScaler Access Gateway client API it is relatively easy to implement custom connection services for very specific use cases. If the description and the examples above are not much help to you (despite my best intentions), but you need to implement a solution where this API could be useful, please contact Citrix Consulting for advice on how to use the provided library, or of course find other possible ways to accomplish your task.

This code is provided "as is" without representation, warranty or condition of any kind. You may use and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES, EITHER EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the software application may have errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software application fully functional; and (c) Citrix may, without notice or liability to you, cease to provide the current and/or future versions of the software application. In no event should the code be used to support ultra-hazardous activities, including but not limited to life support or blasting operations. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES ARISING FROM THE USE OF THE SOFTWARE APPLICATION, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You agree to indemnify and defend Citrix against any claim arising from your use, modification or distribution of the code.
