Visual studio whidbey deploying applications using clickonce
1 / 23

Visual Studio Whidbey: Deploying Applications Using ClickOnce - PowerPoint PPT Presentation

  • Updated On :

Session Code: TLS344. Visual Studio Whidbey: Deploying Applications Using ClickOnce. Sean Draine Program Manager Microsoft Corporation. Agenda. ClickOnce Design Goals Demo: ClickOnce end to end Signing and Security Demo: Targeting the sandbox Bootstrapping prerequisite components

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Visual Studio Whidbey: Deploying Applications Using ClickOnce' - leon

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Visual studio whidbey deploying applications using clickonce

Session Code:TLS344

Visual Studio Whidbey: Deploying Applications Using ClickOnce

Sean Draine

Program Manager

Microsoft Corporation


  • ClickOnce Design Goals

  • Demo: ClickOnce end to end

  • Signing and Security

  • Demo: Targeting the sandbox

  • Bootstrapping prerequisite components

  • Demo: Component Bootstrapper

  • Summary

Clickonce vision
ClickOnce Vision

Bring the ease & reliability of web application deployment to client applications.

Clickonce design goals
ClickOnce Design Goals

  • Safety of Web applications

    • Application isolation

  • Easy to install

    • No large infrastructure investment

    • Apps can be installed by User

  • Easy to update

    • App automatically detects and applies updates

Web or rich client
Web or Rich Client?

  • Web client

    • Portals, search engines, documents, simple forms

    • Reach desktops without .NET Framework

  • ClickOnce rich client

    • Rich user experience

      • Leverage Windows controls and standards

      • Drag/drop, right-click, keyboard shortcuts, etc.

      • Reduce network round trips

    • Offline support

    • Windows shell integration

Clickonce end to end

ClickOnce End to End

Sean DraineProgram Manager

Microsoft Corporation

Code access security
Code Access Security

  • ClickOnce apps default to partial trust

    • Permissions based on origin

    • Internet, Intranet, or full trust (local)

  • Apps may need more permission

    • Call unmanaged code (e.g., export to Excel)

    • Access file system

    • Connect to database or Web server

Elevating trust via policy improved policy model
Elevating Trust via PolicyImproved Policy Model

  • Establish deployment authority

    • Requires one time ever client deployment

  • Trust licenses

    • Issued by authority, deployed with app

    • Included in deployment manifest

    • Trust can be scoped

      • Application

      • Author (public key token)

Elevating trust via prompting
Elevating Trust via Prompting

  • Useful for targeting “PC in the wild”

    • Internet or unmanaged Intranet

    • User is the admin

  • App requests required permissions

    • User prompted if:

      • App needs permissions above the sandbox

      • Internet applications must be Authenticode signed

  • Admin can disable prompting through policy

Targeting the sandbox
Targeting the Sandbox

  • Debug In Sandbox

    • Debug applications in partial trust

    • Exception Assistant

  • Intellisense In Sandbox

    • Filtered based on securitycontext

  • Permission Calculator

    • Calculates least required permissions

Strong name signing
Strong name signing

  • ClickOnce manifests must be signed

    • Security: ensures updates came from original author

    • Ensures unique app identity

  • Authenticode signing required for elevated trust on Internet

Vs signing support large isvs and enterprise
VS Signing SupportLarge ISVs and Enterprise

  • Private keys worth $$$

  • Signing in development environment

    • Delay signing

    • Sign with temporary key

  • Signing production bits

    • Private key in lockbox

    • Accessible to build lab only

Vs signing support departmental small business hobbyist
VS Signing SupportDepartmental, small business, hobbyist

  • Need easy, inexpensive, secure process

    • Lockbox is overkill

  • Keys must be portable and shareable

    • Hard-drive crashes, computer upgrade, small teams

  • Solution: Password-encrypted key files

    • Uses PKCS-12 standard format

    • Key file lives in project

    • Shareable through SCC

    • Enter password once per machine

Security and signing in vs

Security and Signing in VS

Sean DraineProgram Manager

Microsoft Corporation

Net framework deployment
.NET Framework Deployment

  • Managed Networks

    • Desktops locked down

    • Push technologies

      • SMS, Intellimirror, Imaging

  • Unmanaged PCs

    • User is the admin

    • Component Bootstrapper

      • FX installed as part of app setup

Component bootstrapper
Component Bootstrapper

  • Lightweight setup.exe

    • Detects prerequisites

    • Downloads/installs as needed

  • Web or disk installations

  • Manages reboots

  • Supports any msi or exe installer

    • Out of the box

      • .NET FX, MDAC 9, MSDE, J#, & MSI 2.0

    • Fully extensible for other components

Bootstrapper in action

Client PC


Bootstrapper in action

Web Server












MDAC detected!


Bootstrapping custom components

Bootstrapping Custom Components

Sean DraineProgram Manager

Microsoft Corporation


  • ClickOnce makes rich client deployment easy and safe

  • Component Bootstrapper allows easy redistribution of prerequisites

  • VS makes ClickOnce deployment easy

Additional resources
Additional Resources

  • Related sessions

    • Session CLI371: Longhorn MSI enhancements (Room and time)

    • Session CLI400: Advanced topics in web based deployment (Room and time)

  • Other resources

    • Hands on Lab 604

© 2003-2004 Microsoft Corporation. All rights reserved.

This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.