Setting Up IPlugin Automation in Workflow Manager
Workflow Manager 2020
You can use the IPlugin interface to import packages into the Application Catalog and perform validation and conflict analysis as part of a Workflow Manager workflow step via command line using AdminStudio Application Manager.
This feature enables Workflow Manager to provide a programmatic way to automate the performance of conflict detection and resolution on a Windows Installer package in a specific Application Catalog database.
| • | Prerequisites |
| • | Steps to Achieve Automation |
| • | Advanced Configuration Options |
For the IPlugin functionality to work, the AMS System User—which is impersonated for IPlugin functionality—needs to be part of the Administrators and IIS_IUSRS groups on the Workflow Manager Server machine.
To set up Workflow Manager automation, perform the following steps:
To set up automation:
| 1. | Obtain the EndUserIPlugin.Test.csproj file from Flexera Technical Support. |
| 2. | References to the following three binaries need to be added in the project. All of these binaries can be found in the C:\AdminStudioWebComponents_2020\wwwroot\bin folder. |
| • | Adminstudio.Public.dll |
| • | IPlugin.dll |
| • | IPlugin2.dll |
| 3. | Once the references are added to the above DLLs, the solution should now build. |
| 4. | Once built, you can start overriding the callbacks in the Test solution to suit your customizations. |
| 5. | Once the IPlugin.Test2.dll is built, copy that DLL to the C:\AdminStudioWebComponents_2020\wwwroot\plugins folder. |
| 6. | Restart IIS. Your custom code should now be executing on various WFM events. |
Advanced Configuration Options
You might need to impersonate to an Administrator user for validation and conflict analysis operations. For this, users generally need to store the Admin user name and password in the web.config file in clear text. Since this could be a security risk, it is advised to encrypt just this part of the web.config file. Sample changes shown below will help you achieve this.
| • | Step 1: Make Changes to the web.config File |
| • | Step 2: Write Code to Read These Values |
| • | Step 3: Encrypt the Web.config File |
Step 1: Make Changes to the web.config File
To store your user name/password in the web.config file, it is advised to do so in a new custom section in the main web.config file of Workflow Manager. This is achieved by modifying the existing web.config in two places.
To store your user name/password in the web.config file:
| 1. | Locate <configuration> at the top of the web.config file. Immediately after this tag, add the following: |
<configSections>
<section name="IPluginSettings" type="System.Configuration.NameValueSectionHandler" />
</configSections>
| 2. | Scroll to the bottom of web.config, and place the following, immediately before the closing <configuration> tag: |
<IPluginSettings>
<add key="IPluginUserName" value="SomeAdminUser" />
<add key="IPluginPassword" value="AdminPassword" />
<add key="IPluginDomain" value="YourDomainORYourLocalMachine" />
</IPluginSettings>
| 3. | Save the web.config file, and try to open Workflow Manager. |
If you receive an error about web.config, make sure the above changes were done in the right places.
Step 2: Write Code to Read These Values
Now that you have your custom section in the web.config file, your next step is to write code to read these values in your IPlugin code. To read these values, use the following snippet:
object oSection = System.Configuration.ConfigurationManager.GetSection("IPluginSettings");
System.Collections.Specialized.NameValueCollection IPluginSettings =
oSection as System.Collections.Specialized.NameValueCollection;
string UserName = IPluginSettings["IPluginUserName"];
string Password = IPluginSettings["IPluginPassword"];
.
.
.
Step 3: Encrypt the Web.config File
Once you have this working, you then need to encrypt the entries in the web.config file so that they are not in clear text. This is done using the .NET 2.0 Framework executable.
To encrypt the entries in the web.config file:
| 1. | On the web server, open a command line and change the directory to: |
<WindowsVolume>\Windows\Microsoft.NET\Framework\v2.0.50727
| 2. | Run the following: |
aspnet_regiis.exe -pef IPluginSettings "<WFM Location>\wwwroot"
The above assumes your custom section in IPlugin is named IPluginSettings and your web.config file is in the C:\AdminStudioWebComponents_2019\wwwroot location.
You should see a Succeeded! message if encryption worked.
| 3. | Open your web.config file and confirm that your custom section is now encrypted. |
Now, to access the encrypted values, certain rights needs to be given to the user under which the web application is running. This is done to allow the application to access the RSA Key Stores.
| 4. | On the same command line above, run the following command: |
aspnet_regiis.exe -pa "NetFrameworkConfigurationKey" "IUSR_MACHINENAME"
IUSR_MACHINENAME is the user under which the web application is running. This user can be found under Directory Security settings in IIS for the Workflow Manager web site.
Once the above steps are successful, you can now read the values from the encrypted section in web.config. ASP.NET will automatically, at runtime, decrypt these values for you.