Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Take the Pain Out of Deployments with ClickOnce : Page 3

Deploying Windows applications in the age of client-server computing has never been easy. But smart client architecture offers a revolution that makes deployments and maintenance stress-free. Find out how to use the ClickOnce technology to turn your clients into smart clients.

Configuring ClickOnce Security Settings using Code Access Security
By default, an application deployed by ClickOnce runs under Full Trust. You can verify the trust level for your applications by going to the Security tab of the project Properties window (see Figure 8).

Figure 8. Full Trust: The default for ClickOnce applications is full trust.
Under Full Trust, the application has unrestricted access to resources such as files, registry, as well as network. This can be potentially dangerous as it opens the possibility of your code being exploited by malicious code. To prevent this, a good solution is to limit the permissions for your application to only what is necessary.

I'll now modify the ClickOnce Security Permissions for the sample application to make it more secure. From the Security tab of the Properties window, check the option for "This is a partial trust application" and select the Local Intranet zone. Take note of the various permissions recommended. In particular, look out for the following permissions:

Table 1. Important Permission to Limit for Security

Permission Required for …
FileDialogPermission Displaying the Open and Save As dialog windows
FileIOPermission Performing file I/O (read/write)
WebPermission Connecting to the Internet. E.g. Accessing Web services

Author's Note: The Internet Zone contains much more restrictive permissions than the Local Intranet Zone.

Notice that for the FileDialogPermission, under the "Included" column, there is a green check icon (see Figure 9). This indicates that this permission is implicitly granted and the application can invoke the Open and Save As dialog windows under this security setting. However, for both the FileIOPermission and the WebPermission permissions, there is no check icon and the permission defaults to the Zone Default (which is Exclude).

Figure 9. Permission: You'll need to manually set the permissions in order to make your application more secure.
Figure 10. Take 2: Here's the publish page again, this time with a new version number.

The next thing I want to do is publish this application and test the behavior as if a user tried to run it. To do that I'll save the project and republish it (Build—>Publish MyEditor). You will be taken through the same steps again. The sample publish Web page will appear. Note that this time, the version number is (see Figure 10; you will see how to customize this later in this article). The version number has changed because I modified the permissions for this application. Thus, for any clients with the application already installed, an update to the application is now required.

You need not click on the Install button to re-install the application. By default, ClickOnce will check for updates every time an application is launched. So, launch the MyEditor application by going to Start—>Programs—><Company Name> —>MyEditor.

You will be alerted that there is a new version of the application available (see Figure 11). Click OK to upgrade the application.

Figure 11. Time to Upgrade: Upon launching the application a second time, ClickOnce prompts you to upgrade to the new version.
Figure 12. Not Allowed: This security exception displays when the user tries to Open or Save As, thanks to the stricter security permissions I created in the new version of the app.

When the application launches, type some text into the editor. Select a word, right-click on it and select Spell Check. You will notice that the Web service can be invoked without any problems. Now, click on the Open or Save As button and try to either load or save a file. The Open and Save As dialog windows will display, but thanks to the stricter security permission I created, it now prompts me with a security exception dialog (see Figure 12). This is because, by default, in the Intranet Zone, file I/O operations are not allowed. They must be explicitly included in the permission to run without a warning.

Back in Visual Studio 2005, if you set the FileIOPermission's Settings to Include (see Figure 13) and republish the application, you will now be able to perform file I/O operations. Notice that the icon now changes to an exclamation mark inside a yellow triangle, signifying that this operation requires elevated permission to execute.

Figure 13. Allowance: File I/O has now been explicitly permitted.
Figure 14. Advanced: Click the Advanced button to see the advanced security settings for your application.

If you scroll down the list of permissions, you will notice that by default the WebPermission is "(Zone Default)" (permission is denied). However, if you deploy the application and try to use the spell-check Web service, you will notice that the spell check service still works. This is because in the Advanced Security Settings (click on the Advanced button; see Figure 14) of the application, permission is granted to the application to access its site of origin (the spell-check Web service is hosted on the same server as the deployment server).

Figure 15. Finely Tuned Security: You can fine-tuning the permission settings.
However, if the application tries to access a Web service hosted on another server, a security exception will be raised. To prevent this, just set the WebPermission permission to Include.

For some permissions, you can fine-tune the permissions assigned. For example, when you select the FileDialogPermission permission and click on Properties…, you can grant permission to the specific type of dialog boxes (see Figure 15).

Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.