Windows Forms 2.0 – Windows Forms 2.0 – ClickOnceClickOnce
Stephen TurnerStephen TurnerSoftware Design EngineerSoftware Design [email protected]@microsoft.com
AgendaAgenda
State of deploymentsState of deploymentsClickOnce basicsClickOnce basicsClickOnce securityClickOnce securityProgramming ClickOnceProgramming ClickOnce
Deployment ProblemsDeployment Problems
Client applications can be fragileClient applications can be fragileWill the installation of one application Will the installation of one application break another application?break another application?Traditional DLL-conflict problemTraditional DLL-conflict problem
Installing client applications is hard Installing client applications is hard and expensiveand expensive
Must touch every clientMust touch every clientFor both the initial installation and For both the initial installation and updatesupdates
Web-based applicationsWeb-based applicationsSolved many deployment issues, but Solved many deployment issues, but there’s a “but"there’s a “but"At the expense of a rich client experienceAt the expense of a rich client experience
.NET Framework 1.0.NET Framework 1.0
Addressed the issue of DLL conflictAddressed the issue of DLL conflictIntroduced application isolationIntroduced application isolationControlled the versioning of shared Controlled the versioning of shared componentscomponents
Began to address the ease-of-Began to address the ease-of-deployment issuedeployment issue
Run executable files from URL or UNCRun executable files from URL or UNCHREF executable filesHREF executable files
Set the stage for ClickOnceSet the stage for ClickOnce
Best of the Client & the WebBest of the Client & the Web
WebWeb ClickOnceClickOnceMSI MSI
ClientClient
ReachReach
““No Touch” DeploymentNo Touch” Deployment
Low System ImpactLow System Impact
Install and Run per UserInstall and Run per User
Rich and InteractiveRich and Interactive
Offline AccessOffline Access
Windows Shell IntegrationWindows Shell Integration
Per-Computer and Shared Per-Computer and Shared ComponentsComponents
Unrestricted Installation Unrestricted Installation
ClickOnce BasicsClickOnce Basics
IDE support in Visual Studio 2005IDE support in Visual Studio 2005Integrated with core project typesIntegrated with core project typesSetup is not a post-development taskSetup is not a post-development task
Project DesignerProject DesignerPublish pane Publish pane Security paneSecurity pane
Publish WizardPublish WizardCopies the application to a Web serverCopies the application to a Web server
Server extensions through Microsoft Server extensions through Microsoft FrontPage®FrontPage®
FTP or network file shareFTP or network file share
Declarative InstallationDeclarative Installation
Application manifestApplication manifestAuthored by the developerAuthored by the developerDescribes the applicationDescribes the applicationExample: which assemblies constitute Example: which assemblies constitute the applicationthe application
Deployment manifestDeployment manifestAuthored by the administratorAuthored by the administratorDescribes the application deploymentDescribes the application deploymentExample: which version clients should Example: which version clients should useuse
Web PageWeb Page
Link to ManifestLink to Manifest
Deployment ManifestDeployment Manifest
1.0 1.1
1.0
Application Manifest
1.1
Application Manifest
Update from the WebUpdate from the Web
Deployment OptionsDeployment Options
Launched applicationsLaunched applicationsApplication launches but doesn’t installApplication launches but doesn’t installNo Start menu and no Add or Remove No Start menu and no Add or Remove ProgramsProgramsAlways updates on launchAlways updates on launch
Installed applicationsInstalled applicationsInstall from the Web, a UNC location, or a Install from the Web, a UNC location, or a CD-ROMCD-ROMStart menu and Add or Remove ProgramsStart menu and Add or Remove ProgramsVariety of update optionsVariety of update options
Update ArchitectureUpdate Architecture
Yes
No
Application Application StoreStore
InstalledInstalledUpdate Update Check?Check?StartupStartup
SHIMSHIM
My My ApplicationApplication
Deployment Deployment Framework Framework
ServiceServiceMIMEMIME
.application.application
LaunchedLaunched
Update OptionsUpdate Options
On application startupOn application startupIf an update is found, ask the user to If an update is found, ask the user to update the applicationupdate the application
After application startupAfter application startupIf an update is found, ask the user to If an update is found, ask the user to update on the next runupdate on the next run
Required updatesRequired updatesSpecified by using the minimum required Specified by using the minimum required versionversion
Programmatic updatingProgrammatic updatingIntegrate the update experience into the Integrate the update experience into the applicationapplication
Application BootstrapperApplication Bootstrapper
Installs the application prerequisitesInstalls the application prerequisites.NET FX, Microsoft DirectX®, MDAC, and .NET FX, Microsoft DirectX®, MDAC, and so onso onRequires administrator rightsRequires administrator rightsExtensible architectureExtensible architectureManages rebootsManages reboots
Install the ClickOnce application after Install the ClickOnce application after the prerequisitesthe prerequisites
Use ClickOnce for automatic updates Use ClickOnce for automatic updates No automatic updating of prerequisite No automatic updating of prerequisite componentscomponents
Building, Deploying & Building, Deploying & UpdatingUpdating
Secure Execution Secure Execution EnvironmentEnvironment
ClickOnce applications run in a ClickOnce applications run in a sandbox by defaultsandbox by default
Permissions are based on originPermissions are based on origin Internet, Intranet, or Full TrustInternet, Intranet, or Full Trust
Ensures that applications are safe to runEnsures that applications are safe to runSimilar to Microsoft Internet Explorer and Similar to Microsoft Internet Explorer and JavaScriptJavaScript
Applications often need higher trustApplications often need higher trustCall unmanaged codeCall unmanaged codeAccess the file system or the registryAccess the file system or the registryConnect to a databaseConnect to a databaseConsume Web servicesConsume Web services
Determining PermissionsDetermining Permissions
Security pane of Project DesignerSecurity pane of Project DesignerUse to manually configure permissionsUse to manually configure permissions
Permissions CalculatorPermissions CalculatorCalculates the least-required permissionsCalculates the least-required permissions
Debug in the sandboxDebug in the sandboxDebug applications with partial trustDebug applications with partial trustException AssistantException Assistant
Microsoft Intellisense® in the sandboxMicrosoft Intellisense® in the sandboxFiltered based on the security contextFiltered based on the security context
Trusted Application Trusted Application DeploymentDeployment
Establishes deployment authorityEstablishes deployment authorityOne-time distributionOne-time distributionConfigures the trusted license issuerConfigures the trusted license issuer
Trust licensesTrust licensesIssued by an authorityIssued by an authorityDeployed with applicationsDeployed with applications
Application-developer tasksApplication-developer tasksObtain a trust license (.tlic file)Obtain a trust license (.tlic file)Set the deployment ticket propertySet the deployment ticket property
User Consent ModelUser Consent Model
Users make trust decisions all the timeUsers make trust decisions all the timeInstalling software from CD-ROMsInstalling software from CD-ROMs
Useful for targeting random computersUseful for targeting random computersInternet or unmanaged Intranet Internet or unmanaged Intranet User is the administrator User is the administrator
Request the required permissionsRequest the required permissionsWhen the application needs permissions When the application needs permissions that are higher than the sandboxthat are higher than the sandbox
Administrators can disable prompting Administrators can disable prompting through policythrough policy
Secure UpdatesSecure Updates
ClickOnce manifests are signedClickOnce manifests are signedXMLDSIGXMLDSIGPublisher key is needed to deploy Publisher key is needed to deploy updatesupdatesEnsures that updates come from the Ensures that updates come from the original authororiginal authorGuarantees a unique application identityGuarantees a unique application identity
Only the original publisher can updateOnly the original publisher can updatePrevents the automatic deployment of Prevents the automatic deployment of virusesviruses
Programming ClickOnceProgramming ClickOnce
Application updatingApplication updatingImplement the Update Now menu itemImplement the Update Now menu itemMatch the client with back-end programsMatch the client with back-end programsCustomize when-to-update logicCustomize when-to-update logic
Limit updates to only early adoptersLimit updates to only early adoptersLimit updates based on the server loadLimit updates based on the server load
On-demand downloadOn-demand downloadProgressive installationProgressive installationShell with application plug-insShell with application plug-ins
System.Deployment namespaceSystem.Deployment namespaceApplicationDeploymentApplicationDeployment
Application UpdatingApplication Updating
Control when and how the application Control when and how the application updatesupdates
CheckForUpdateCheckForUpdateGetUpdateCheckInfoGetUpdateCheckInfoUpdateUpdate
Synchronous and asynchronous Synchronous and asynchronous versions of methodsversions of methodsAvailable only for applications that are Available only for applications that are deployed through ClickOncedeployed through ClickOnce
Use IsNetworkDeployedUse IsNetworkDeployed
On-Demand DownloadOn-Demand Download
Group files in the manifestGroup files in the manifestPut related files in the same groupPut related files in the same groupDownload files as a groupDownload files as a groupMarks files as optional in the manifestMarks files as optional in the manifest
Optional files are not downloaded Optional files are not downloaded during the installationduring the installation
AreFilesLocalAreFilesLocalDownloadFilesDownloadFiles
Takes a group or file nameTakes a group or file nameSimultaneously delivery (synchronous or Simultaneously delivery (synchronous or asynchronous) of multiple downloaded filesasynchronous) of multiple downloaded files
SummarySummary
ClickOnce makes client-application ClickOnce makes client-application deployment easy and safedeployment easy and safeVisual Studio bootstrapper facilitates Visual Studio bootstrapper facilitates the easy redistribution of prerequisitesthe easy redistribution of prerequisitesVisual Studio 2005 provides integrated Visual Studio 2005 provides integrated developer support for ClickOncedeveloper support for ClickOnceClickOnce APIs support a variety of ClickOnce APIs support a variety of application-update scenariosapplication-update scenarios
More Information?More Information?
Visual Studio 2005 Developer CenterVisual Studio 2005 Developer Centerhttp://msdn.microsoft.com/vs2005http://msdn.microsoft.com/vs2005
Download Visual Studio Express Editions Download Visual Studio Express Editions for free!for free!
© 2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.