Skip to content

InCert for Windows

Jump to bottom Edit New page
Brent Moberly edited this page Jan 12, 2015 · 1 revision

Overview

InCert for Windows is designed to provision certificates to users' systems while ensuring that these systems meet baseline network and security standards.

To this end, InCert is highly customizable. At its heart, InCert is an xml-driven workflow engine. Everything it does and most aspects of its appearance are determined via xml content files. While you can certainly modify and recompile InCert's source code, this is not necessary. You can deploy your own version of InCert by bundling our precompiled binaries with your content files.

There are two goals here:

  1. That you can produce your own InCert experience by just editing xml. We have already programmed the InCert engine for you. You just need to supply the content files that tell the engine what to do.

  2. That you can modify the engine's behavior remotely without having to redeploy its binary components to users' computers. If you discover an issue with your content files or need to add or remove functionality from your version of InCert, it should be as easy as editing the content files on your server.

InCert is designed to work with an InCert server. Ideally, the server hosts the majority of the engine's content files. The server also provides endpoints that the client will use to authenticate users, upload logs files, obtain user certificates, and, if necessary, register users' computers. The engine uses a RESTful api to communicate with the server. You can either use a version of our server (coming soon) to drive the engine, or you can maintain your own version of server.

Basic Concepts, briefly

Tasks

Tasks represent the most atomic InCert unit of work. Tasks are meant to perform one function and return a result. Here is an example xml block defining a task:

<ScreenSaver.ConfigureScreenSaver>
  <Properties>
    <Active>true</Active>
    <Timeout>300</Timeout>
    <RequirePassword>true</RequirePassword>
  </Properties>
</ScreenSaver.ConfigureScreenSaver>

This task, ScreenSaver.ConfigureScreenSaver, tells the engine to enable the computer's screensaver, set its activation timeout to 5 minutes, and to require a password to deactivate the screensaver.

Conditions

Conditions determine whether or not tasks are executed. Adding a SystemInfo.IsNot64Bit condition to our example task above will prevent that task from executing on 64-bit systems:

<ScreenSaver.ConfigureScreenSaver>
  <Conditions.Any>
    <SystemInfo.IsNot64Bit/>
  </Conditions.Any>  
  <Properties>
    <Active>true</Active>
    <Timeout>300</Timeout>
    <RequirePassword>true</RequirePassword>
  </Properties>
</ScreenSaver.ConfigureScreenSaver>

Branches

Branches organize tasks into executing groups. Like tasks, branches return a result, allowing you to treat groups of tasks as single executing units. This branch, for example, configures the Windows screensaver while updating the engine's user interface:

<TaskBranch name="screensaver.configure">
  <UserInterface.ActivateCheckedParagraph minimumTaskTime="1">
    <Properties>
      <Dialog>Main dialog</Dialog>
      <ControlKey>Configuring screen saver</ControlKey>
      </Properties>
  </UserInterface.ActivateCheckedParagraph>

  <ScreenSaver.ConfigureScreenSaver>
    <Properties>
      <Active>true</Active>
      <Timeout>300</Timeout>
      <RequirePassword>true</RequirePassword>
    </Properties>
  </ScreenSaver.ConfigureScreenSaver>

  <UserInterface.CompleteCheckedParagraph minimumTaskTime="1">
     <Properties>
       <Dialog>Main dialog</Dialog>
       <ControlKey>Configuring screen saver</ControlKey>
     </Properties>
   </UserInterface.CompleteCheckedParagraph>
</TaskBranch>

Paragraphs

On the user interface side, paragraphs represent the most basic unit of content. This is a simple paragraph that displays the text "Configuring Computer" and formats it appropriately:

<SimpleParagraph margin="20,36,20,36" fontSize="24" alignment="Center">
  <Content>
    <DirectTextContent>Configuring Computer</DirectTextContent>
  </Content>
</SimpleParagraph>

Banners

Just as branches organize tasks into executing units, banners organize paragraphs into functional displays. Here is an example banner:

<SimpleBanner name="ConfigureProgressBanner" height="550" width="500">
  <Content>
    <SimpleParagraph margin="20,36,20,36" fontSize="24" alignment="Center">
      <Content>
        <DirectTextContent>Configuring Computer</DirectTextContent>
      </Content>
    </SimpleParagraph>
    <DefaultCheckedParagraph controlKey="Configuring screen saver" fontSize="18" margin="20,4,20,0" enabled="false">
      <Content>
        <DirectTextContent>Configuring screen saver</DirectTextContent>
      </Content>
    </DefaultCheckedParagraph>
  </Content>
  <Buttons>
    <DisabledButton>
      <Target>BackButton</Target>
      <Text>Back</Text>
    </DisabledButton>
    <DisabledButton>
      <Target>NextButton</Target>
      <Text>Next</Text>
    </DisabledButton>
    <UrlButton>
      <Target>HelpButton</Target>
      <Text>Help</Text>
      <Value>http://certdev0.incommontest.org/</Value>
    </UrlButton>
  </Buttons>
</SimpleBanner>

This banner will contain the title, centered, with the text "Configuring Computer," and, below it, a checked paragraph with the text "Configuring screen saver." This paragraph will be unchecked and greyed-out by default, but the tasks UserInterface.ActivateCheckedParagraph and UserInterface.CompleteCheckedParagraph (see branch example above) can be used to activate and then check this paragraph.

Content Files

Content files contain branches and banners. Here is an example content file:

<Content xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://incert.incommon.org/schemas ../Schemas/tasklist.xsd">
  <Branches>
    <TaskBranch name="screensaver.configure">
      <UserInterface.ActivateCheckedParagraph minimumTaskTime="1">
        <Properties>
          <Dialog>Main dialog</Dialog>
          <ControlKey>Configuring screen saver</ControlKey>
          </Properties>
      </UserInterface.ActivateCheckedParagraph>

      <ScreenSaver.ConfigureScreenSaver>
        <Properties>
          <Active>true</Active>
          <Timeout>300</Timeout>
          <RequirePassword>true</RequirePassword>
        </Properties>
      </ScreenSaver.ConfigureScreenSaver>

      <UserInterface.CompleteCheckedParagraph minimumTaskTime="1">
         <Properties>
           <Dialog>Main dialog</Dialog>
           <ControlKey>Configuring screen saver</ControlKey>
         </Properties>
       </UserInterface.CompleteCheckedParagraph>
    </TaskBranch>
  </Branches>

  <Banners>
    <SimpleBanner name="ConfigureProgressBanner" height="550" width="500">
      <Content>
        <SimpleParagraph margin="20,36,20,36" fontSize="24" alignment="Center">
          <Content>
            <DirectTextContent>Configuring Computer</DirectTextContent>
          </Content>
        </SimpleParagraph>
        <DefaultCheckedParagraph controlKey="Configuring screen saver" fontSize="18" margin="20,4,20,0" enabled="false">
          <Content>
            <DirectTextContent>Configuring screen saver</DirectTextContent>
          </Content>
        </DefaultCheckedParagraph>
      </Content>
      <Buttons>
        <DisabledButton>
          <Target>BackButton</Target>
          <Text>Back</Text>
        </DisabledButton>
        <DisabledButton>
          <Target>NextButton</Target>
          <Text>Next</Text>
        </DisabledButton>
        <UrlButton>
          <Target>HelpButton</Target>
          <Text>Help</Text>
          <Value>http://certdev0.incommontest.org/</Value>
        </UrlButton>
      </Buttons>
    </SimpleBanner>
  </Banners>
</Content>

This content files includes the branch and the banner that we have been working with above. Content files can contain any number of branches and banners, or just branches and banners. You can view the current InCert content files here.

Add a custom footer
Add a custom sidebar
Clone this wiki locally