Visual studio whidbey deploying applications using clickonce
This presentation is the property of its rightful owner.
Sponsored Links
1 / 23

Visual Studio Whidbey: Deploying Applications Using ClickOnce PowerPoint PPT Presentation


  • 215 Views
  • Updated On :
  • Presentation posted in: General

Session Code: TLS344. Visual Studio Whidbey: Deploying Applications Using ClickOnce. Sean Draine Program Manager Microsoft Corporation. Agenda. ClickOnce Design Goals Demo: ClickOnce end to end Signing and Security Demo: Targeting the sandbox Bootstrapping prerequisite components

Download Presentation

Visual Studio Whidbey: Deploying Applications Using ClickOnce

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Visual studio whidbey deploying applications using clickonce

Session Code:TLS344

Visual Studio Whidbey: Deploying Applications Using ClickOnce

Sean Draine

Program Manager

Microsoft Corporation


Agenda

Agenda

  • ClickOnce Design Goals

  • Demo: ClickOnce end to end

  • Signing and Security

  • Demo: Targeting the sandbox

  • Bootstrapping prerequisite components

  • Demo: Component Bootstrapper

  • Summary


Clickonce vision

ClickOnce Vision

Bring the ease & reliability of web application deployment to client applications.


Clickonce design goals

ClickOnce Design Goals

  • Safety of Web applications

    • Application isolation

  • Easy to install

    • No large infrastructure investment

    • Apps can be installed by User

  • Easy to update

    • App automatically detects and applies updates


Web or rich client

Web or Rich Client?

  • Web client

    • Portals, search engines, documents, simple forms

    • Reach desktops without .NET Framework

  • ClickOnce rich client

    • Rich user experience

      • Leverage Windows controls and standards

      • Drag/drop, right-click, keyboard shortcuts, etc.

      • Reduce network round trips

    • Offline support

    • Windows shell integration


The best of the client web

The Best of the Client & Web


Clickonce end to end

ClickOnce End to End

Sean DraineProgram Manager

Microsoft Corporation


Code access security

Code Access Security

  • ClickOnce apps default to partial trust

    • Permissions based on origin

    • Internet, Intranet, or full trust (local)

  • Apps may need more permission

    • Call unmanaged code (e.g., export to Excel)

    • Access file system

    • Connect to database or Web server


Elevating trust via policy improved policy model

Elevating Trust via PolicyImproved Policy Model

  • Establish deployment authority

    • Requires one time ever client deployment

  • Trust licenses

    • Issued by authority, deployed with app

    • Included in deployment manifest

    • Trust can be scoped

      • Application

      • Author (public key token)


Elevating trust via prompting

Elevating Trust via Prompting

  • Useful for targeting “PC in the wild”

    • Internet or unmanaged Intranet

    • User is the admin

  • App requests required permissions

    • User prompted if:

      • App needs permissions above the sandbox

      • Internet applications must be Authenticode signed

  • Admin can disable prompting through policy


Targeting the sandbox

Targeting the Sandbox

  • Debug In Sandbox

    • Debug applications in partial trust

    • Exception Assistant

  • Intellisense In Sandbox

    • Filtered based on securitycontext

  • Permission Calculator

    • Calculates least required permissions


Strong name signing

Strong name signing

  • ClickOnce manifests must be signed

    • Security: ensures updates came from original author

    • Ensures unique app identity

  • Authenticode signing required for elevated trust on Internet


Vs signing support large isvs and enterprise

VS Signing SupportLarge ISVs and Enterprise

  • Private keys worth $$$

  • Signing in development environment

    • Delay signing

    • Sign with temporary key

  • Signing production bits

    • Private key in lockbox

    • Accessible to build lab only


Vs signing support departmental small business hobbyist

VS Signing SupportDepartmental, small business, hobbyist

  • Need easy, inexpensive, secure process

    • Lockbox is overkill

  • Keys must be portable and shareable

    • Hard-drive crashes, computer upgrade, small teams

  • Solution: Password-encrypted key files

    • Uses PKCS-12 standard format

    • Key file lives in project

    • Shareable through SCC

    • Enter password once per machine


Security and signing in vs

Security and Signing in VS

Sean DraineProgram Manager

Microsoft Corporation


Net framework deployment

.NET Framework Deployment

  • Managed Networks

    • Desktops locked down

    • Push technologies

      • SMS, Intellimirror, Imaging

  • Unmanaged PCs

    • User is the admin

    • Component Bootstrapper

      • FX installed as part of app setup


Component bootstrapper

Component Bootstrapper

  • Lightweight setup.exe

    • Detects prerequisites

    • Downloads/installs as needed

  • Web or disk installations

  • Manages reboots

  • Supports any msi or exe installer

    • Out of the box

      • .NET FX, MDAC 9, MSDE, J#, & MSI 2.0

    • Fully extensible for other components


Bootstrapper in action

Client PC

Web

Bootstrapper in action

Web Server

Setup.exe

Setup.exe

Dotnetfx.exe

Dotnetfx.exe

Mdac_typ.exe

Foo.msi

Foo.msi

a

Reboot

App.deploy

App.deploy

MDAC detected!

a


Bootstrapping custom components

Bootstrapping Custom Components

Sean DraineProgram Manager

Microsoft Corporation


Summary

Summary

  • ClickOnce makes rich client deployment easy and safe

  • Component Bootstrapper allows easy redistribution of prerequisites

  • VS makes ClickOnce deployment easy


Additional resources

Additional Resources

  • Related sessions

    • Session CLI371: Longhorn MSI enhancements (Room and time)

    • Session CLI400: Advanced topics in web based deployment (Room and time)

  • Other resources

    • Hands on Lab 604


Visual studio whidbey deploying applications using clickonce

© 2003-2004 Microsoft Corporation. All rights reserved.

This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.


  • Login