At the Synergy Conference in Barcelona last week, Citrix showed an obligatory ‘one more thing’ demo at the end of the opening Keynote. This time it was Citrix Receiver running inside Facebook, using an HTML5-based engine to connect back to the corporate data centre and run windows applications inside Facebook.

For those who didn’t see it, here is a link to the snippet on Citrix TV.

http://www.citrix.com/tv/#videos/4745

How did we do it, why did we do it, and more importantly what should you take away from this.

As to the ‘how’ this was relatively straightforward. Our web based Receiver was designed to be easy to extend and embed – for this demo we enabled support for running Receiver in an iframe and used the facebook APIs to wire these together. We originally rebranded Receiver to give it a facebook look and feel (Receiver for Web supports simple rebranding through css) but during the keynote walk through we decided to pull back from this to avoid any potential confusion about where Facebook ended and Receiver began.

Next, how did we connect back to our XenApp farm? For this we used our HTML5 ‘HDX engine’. Receiver for Web typically uses a ‘native’ HDX engine – for example one written specifically for Windows or Mac. These give the best user experience, and can provide access to local devices such as webcam or client drives. However the trade-off is the need to download an install the engine. This isn’t always possible, and where this is the case our plan is to leverage the increasing power of browsers to run HTML5/JavaScript code.

Currently we are shipping the HTML5 engine for use with ChromeOS (search for ‘Citrix Receiver’ in the ChromeOS store) and internally are testing this on a number of other browsers. For the Facebook demo we decided to use this to illustrate the ‘zero install’ case appropriate for such a use case – though a native receiver would have worked just as well.

(It’s worth pointing out that we deliberately used a private LAN connection to the back end farm to avoid our server being swamped by conference delegates trying out the demo themselves – so if you tried and failed, this is why.)

The final piece of the jigsaw was single sign on. We demonstrated at synergy last year that our authentication framework is open to bring your own identity schemes.

http://www.citrix.com/tv/#videos/2886 ~ 2min 20 seconds – 6 min 50 seconds.

Today ‘inbound’ identity federation like this is really the preserve of a few Citrix experts – but we will be productizing this in future. For outbound identity federation (i.e. using you domain credentials to access applications that need different credentials, take a look at Cloud Gateway Enterprise).

Finally the biggest question. “Why”. Really there are three things to take away

  1. Think out side the box. People work in different ways, and whilst Facebook may not be a normal workspace for many of us – for some people it is where they spend their lives. Appealing to new, especially younger, workers means looking at different approaches. Facebook may or may not be appropriate for your users  – but it is a great illustration of what is possible.
  2. If we can integrate with Facebook, you can integrate with your portal. Keynote demos really are put together quickly based on the core technology we have built as part of our current or upcoming products. Adding Receiver to a portal is not a big project.
  3. Identity federation is going to be huge. You need control over groups of users and policies relating to which users are in which groups, and which groups can access which applications – but that doesn’t mean you necessarily need to handle login or manually provision accounts.

In the 1800’s Employers frequently bore the cost of providing employees with houses. Over more recent years we have seen the same trend with cars, phones and laptops – but today many employees prefer to provide their own. This gives the employees choice and frees their employers from the cost and complexity of simultaneously running an estate agency, car dealer, phone exchange and electronics superstore (presumably as well as their ‘core business’). Perhaps ‘identity’ will go the same way. Providers like Facebook and Google allow me to pick an identity and access experience that suits me – but that is also perfectly adequate to meet the relatively modest needs of my company.

This demo was very much a talking point rather than a prediction of the future – but there are compelling arguments for such a future – and it is worth consideration as to whether your company or industry would benefit from such an approach.

Richard

Receiver for Web is available as part of the Cloud Gateway Express Tech Preview). (Link)