1 / 23

Visual Studio Whidbey: Deploying Applications Using ClickOnce

Session Code: TLS344. Visual Studio Whidbey: Deploying Applications Using ClickOnce. Sean Draine Program Manager Microsoft Corporation. Agenda. ClickOnce Design Goals Demo: ClickOnce end to end Signing and Security Demo: Targeting the sandbox Bootstrapping prerequisite components

leon
Download Presentation

Visual Studio Whidbey: Deploying Applications Using ClickOnce

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session Code:TLS344 Visual Studio Whidbey: Deploying Applications Using ClickOnce Sean Draine Program Manager Microsoft Corporation

  2. Agenda • ClickOnce Design Goals • Demo: ClickOnce end to end • Signing and Security • Demo: Targeting the sandbox • Bootstrapping prerequisite components • Demo: Component Bootstrapper • Summary

  3. ClickOnce Vision Bring the ease & reliability of web application deployment to client applications.

  4. ClickOnce Design Goals • Safety of Web applications • Application isolation • Easy to install • No large infrastructure investment • Apps can be installed by User • Easy to update • App automatically detects and applies updates

  5. Web or Rich Client? • Web client • Portals, search engines, documents, simple forms • Reach desktops without .NET Framework • ClickOnce rich client • Rich user experience • Leverage Windows controls and standards • Drag/drop, right-click, keyboard shortcuts, etc. • Reduce network round trips • Offline support • Windows shell integration

  6. The Best of the Client & Web

  7. ClickOnce End to End Sean DraineProgram Manager Microsoft Corporation

  8. Code Access Security • ClickOnce apps default to partial trust • Permissions based on origin • Internet, Intranet, or full trust (local) • Apps may need more permission • Call unmanaged code (e.g., export to Excel) • Access file system • Connect to database or Web server

  9. Elevating Trust via PolicyImproved Policy Model • Establish deployment authority • Requires one time ever client deployment • Trust licenses • Issued by authority, deployed with app • Included in deployment manifest • Trust can be scoped • Application • Author (public key token)

  10. Elevating Trust via Prompting • Useful for targeting “PC in the wild” • Internet or unmanaged Intranet • User is the admin • App requests required permissions • User prompted if: • App needs permissions above the sandbox • Internet applications must be Authenticode signed • Admin can disable prompting through policy

  11. Targeting the Sandbox • Debug In Sandbox • Debug applications in partial trust • Exception Assistant • Intellisense In Sandbox • Filtered based on securitycontext • Permission Calculator • Calculates least required permissions

  12. Strong name signing • ClickOnce manifests must be signed • Security: ensures updates came from original author • Ensures unique app identity • Authenticode signing required for elevated trust on Internet

  13. VS Signing SupportLarge ISVs and Enterprise • Private keys worth $$$ • Signing in development environment • Delay signing • Sign with temporary key • Signing production bits • Private key in lockbox • Accessible to build lab only

  14. VS Signing SupportDepartmental, small business, hobbyist • Need easy, inexpensive, secure process • Lockbox is overkill • Keys must be portable and shareable • Hard-drive crashes, computer upgrade, small teams • Solution: Password-encrypted key files • Uses PKCS-12 standard format • Key file lives in project • Shareable through SCC • Enter password once per machine

  15. Security and Signing in VS Sean DraineProgram Manager Microsoft Corporation

  16. .NET Framework Deployment • Managed Networks • Desktops locked down • Push technologies • SMS, Intellimirror, Imaging • Unmanaged PCs • User is the admin • Component Bootstrapper • FX installed as part of app setup

  17. Component Bootstrapper • Lightweight setup.exe • Detects prerequisites • Downloads/installs as needed • Web or disk installations • Manages reboots • Supports any msi or exe installer • Out of the box • .NET FX, MDAC 9, MSDE, J#, & MSI 2.0 • Fully extensible for other components

  18. Client PC Web Bootstrapper in action Web Server Setup.exe Setup.exe Dotnetfx.exe Dotnetfx.exe Mdac_typ.exe Foo.msi Foo.msi a Reboot App.deploy App.deploy MDAC detected! a

  19. Bootstrapping Custom Components Sean DraineProgram Manager Microsoft Corporation

  20. Summary • ClickOnce makes rich client deployment easy and safe • Component Bootstrapper allows easy redistribution of prerequisites • VS makes ClickOnce deployment easy

  21. Additional Resources • Related sessions • Session CLI371: Longhorn MSI enhancements (Room and time) • Session CLI400: Advanced topics in web based deployment (Room and time) • Other resources • Hands on Lab 604

  22. © 2003-2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

More Related