Session Code: TLS344 Visual Studio Whidbey: Deploying Applications Using ClickOnce Sean Draine Program Manager Microsoft Corporation.
Download ReportTranscript Session Code: TLS344 Visual Studio Whidbey: Deploying Applications Using ClickOnce Sean Draine Program Manager Microsoft Corporation.
Session Code: TLS344 Visual Studio Whidbey: Deploying Applications Using ClickOnce Sean Draine Program Manager Microsoft Corporation Agenda ClickOnce Design Goals Demo: ClickOnce end to end Signing and Security Demo: Targeting the sandbox Bootstrapping prerequisite components Demo: Component Bootstrapper Summary ClickOnce Vision Bring the ease & reliability of web application deployment to client applications. ClickOnce Design Goals Safety of Web applications Application isolation Easy to install No large infrastructure investment Apps can be installed by User Easy to update App automatically detects and applies updates Web or Rich Client? Web client Portals, search engines, documents, simple forms Reach desktops without .NET Framework ClickOnce rich client Rich user experience Leverage Windows controls and standards Drag/drop, right-click, keyboard shortcuts, etc. Reduce network round trips Offline support Windows shell integration The Best of the Client & Web Web Reach No Touch Deployment Low System Impact Install/Run Per-User Rich / Interactive Offline Windows Shell Integration Per-Machine/Shared Components Unrestricted Install Y Y Y Y Click Once Y Y Y Y Y Y MSI Client Y Y Y Y Y ClickOnce End to End Sean Draine Program Manager Microsoft Corporation Code Access Security ClickOnce apps default to partial trust Permissions based on origin Internet, Intranet, or full trust (local) Apps may need more permission Call unmanaged code (e.g., export to Excel) Access file system Connect to database or Web server Elevating Trust via Policy Improved Policy Model Establish deployment authority Requires one time ever client deployment Trust licenses Issued by authority, deployed with app Included in deployment manifest Trust can be scoped Application Author (public key token) Elevating Trust via Prompting Useful for targeting “PC in the wild” Internet or unmanaged Intranet User is the admin App requests required permissions User prompted if: App needs permissions above the sandbox Internet applications must be Authenticode signed Admin can disable prompting through policy Targeting the Sandbox Debug In Sandbox Debug applications in partial trust Exception Assistant Intellisense In Sandbox Filtered based on security context Permission Calculator Calculates least required permissions Strong name signing ClickOnce manifests must be signed Security: ensures updates came from original author Ensures unique app identity Authenticode signing required for elevated trust on Internet VS Signing Support Large ISVs and Enterprise Private keys worth $$$ Signing in development environment Delay signing Sign with temporary key Signing production bits Private key in lockbox Accessible to build lab only VS Signing Support Departmental, small business, hobbyist Need easy, inexpensive, secure process Lockbox is overkill Keys must be portable and shareable Hard-drive crashes, computer upgrade, small teams Solution: Password-encrypted key files Uses PKCS-12 standard format Key file lives in project Shareable through SCC Enter password once per machine Security and Signing in VS Sean Draine Program Manager Microsoft Corporation .NET Framework Deployment Managed Networks Desktops locked down Push technologies SMS, Intellimirror, Imaging Unmanaged PCs User is the admin Component Bootstrapper FX installed as part of app setup Component Bootstrapper Lightweight setup.exe Detects prerequisites Downloads/installs as needed Web or disk installations Manages reboots Supports any msi or exe installer Out of the box .NET FX, MDAC 9, MSDE, J#, & MSI 2.0 Fully extensible for other components Bootstrapper in action Web Server Setup.exe Dotnetfx.exe Mdac_typ.exe Foo.msi App.deploy Client PC Web a MDAC detected! Reboot a Bootstrapping Custom Components Sean Draine Program Manager Microsoft Corporation Summary ClickOnce makes rich client deployment easy and safe Component Bootstrapper allows easy redistribution of prerequisites VS makes ClickOnce deployment easy Additional Resources Related sessions Session CLI371: Longhorn MSI enhancements (Room and time) Session CLI400: Advanced topics in web based deployment (Room and time) Other resources Hands on Lab 604 © 2003-2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.