Citrix XML Service Trust is a security setting that determines whether StoreFront trusts communication from Delivery Controllers. Citrix documentation states that this trust must be enabled when authentication relies on credentials that must be securely forwarded or delegated through StoreFront and Delivery Controllers.
The authentication features that require XML Service Trust to be enabled are:
✔ A. Pass-through Authentication
This method allows the user’s Windows credentials to be automatically passed from the endpoint to StoreFront and then to Delivery Controllers.
This process requires StoreFront to trust the Delivery Controllers for credential delegation.
✔ D. Pass-through from NetScaler Gateway
When Gateway authenticates the user and passes credentials or tokens to StoreFront, StoreFront must trust the XML service on the Delivery Controllers to validate user identity securely.
✔ E. Smart Card Authentication
Smart card credentials contain certificate-based identities that StoreFront must securely trust and forward to the Delivery Controllers. This requires XML trust between components.
Why the other options are incorrect:
B. Smart AccessSmartAccess is a Citrix Gateway feature based on SmartControl policies and does not rely on XML service trust.
C. HTTP BasicThis uses direct credential submission; it does not require XML trust.
Documentation References
StoreFront Authentication and XML Trust Requirements
Citrix Delivery Controller XML Communication Security
Citrix Virtual Apps and Desktops Authentication Methods Overview
