Embed Size (px)
Citation preview
1
Introducing ClickOnce: The New Application Deployment Model forWindows Forms and “Avalon” Jamie Cool ([email protected])Program ManagerMicrosoft Corporation
Session Code: CLI370
2
AgendaAgenda
Client Deployment Re-visitedClickOnce Walkthrough & Demos
Reliable & easy web based installsDeployment & update optionsSecurity model
Questions
Client Deployment Re-visitedClickOnce Walkthrough & Demos
Reliable & easy web based installsDeployment & update optionsSecurity model
Questions
3
Tools
Client Application Model
Avalon Windows Forms
Web & Service Application Model
ASP.NET / Indigo Win FSCompact
FrameworkYukon Mobile PC Optimized
System.HelpSystem.Help
System.DrawingSystem.Drawing
System.NaturalLanguageServicesSystem.NaturalLanguageServices
Data Systems Application Model
Presentation Data
Mobile PC & Devices Application Model
Communication
Command Line
NT Service
DataSetDataSet
MappingMapping
ObjectSpacesObjectSpaces
ObjectSpaceObjectSpace
QueryQuery
SchemaSchema
ItemItem
RelationshipRelationship
MediaMedia
AudioAudio
VideoVideo
ImagesImages
System.MessagingSystem.Messaging System.DiscoverySystem.Discovery
System.DirectoryServicesSystem.DirectoryServices
System.RemotingSystem.Remoting
System.Runtime.RemotingSystem.Runtime.Remoting
ActiveDirectoryActiveDirectory
UddiUddi
System.Web.ServicesSystem.Web.Services
Web.ServiceWeb.Service
DescriptionDescription
DiscoveryDiscovery
ProtocolsProtocols
System.MessageBusSystem.MessageBus
TransportTransport
PortPort
ChannelChannel
ServiceService
QueueQueue
PubSubPubSub
RouterRouter
System.TimersSystem.Timers
System.GlobalizationSystem.Globalization
System.SerializationSystem.Serialization
System.ThreadingSystem.Threading
System.TextSystem.Text
System.DesignSystem.Design
Base & Application Services
Fundamentals
System.ComponentModelSystem.ComponentModel
System.CodeDomSystem.CodeDom
System.ReflectionSystem.Reflection
System.EnterpriseServicesSystem.EnterpriseServices
System.TransactionsSystem.Transactions
Security
System.Windows.TrustManagementSystem.Windows.TrustManagement
System.Web.SecuritySystem.Web.Security
System.MessageBus.SecuritySystem.MessageBus.Security
AuthorizationAuthorization
AccessControlAccessControl
CredentialsCredentials
CryptographyCryptography
System.Web.ConfigurationSystem.Web.Configuration
System.MessageBus.ConfigurationSystem.MessageBus.Configuration
System.ConfigurationSystem.Configuration
System.ResourcesSystem.ResourcesSystem.ManagementSystem.Management
System.DeploymentSystem.Deployment
System.DiagnosticsSystem.Diagnostics
Configuration Deployment/Management
System.WindowsSystem.Windows System.WindowsSystem.WindowsSystem.Windows.FormsSystem.Windows.Forms
System.ConsoleSystem.Console
System.ServiceProcessSystem.ServiceProcess
System.Windows.FormsSystem.Windows.Forms System.WebSystem.Web System.StorageSystem.Storage System.Data.SqlServ
erSystem.Data.SqlServer
AnimationAnimation
ControlsControls
ControlControl
DesignDesign
PanelPanel
ControlsControls
DialogsDialogs
SideBarSideBar
NotificationNotification
System.WindowsSystem.Windows
DocumentsDocuments
Text ElementText Element
ShapesShapes
ShapeShape
InkInk
UI ElementUI Element ExplorerExplorer MediaMedia
System.Windows.FormsSystem.Windows.Forms
FormsForms
ControlControl
PrintingPrinting
DesignDesign
System.Web.UISystem.Web.UI
PagePage
ControlControl
HtmlControlsHtmlControls
MobileControlsMobileControls
WebControlsWebControls
AdaptorsAdaptors
DesignDesign
PortsPorts
InteropServicesInteropServices
System.RuntimeSystem.Runtime
System.IOSystem.IO
System.CollectionsSystem.Collections
GenericGeneric
System.SearchSystem.Search
AnnotationsAnnotations
MonitoringMonitoring
LoggingLogging
RelevanceRelevance
System.DataSystem.Data
SqlClientSqlClient
SqlTypesSqlTypes
SqlXMLSqlXML
OdbcClientOdbcClient
OleDbClientOleDbClient
OracleClientOracleClient
CoreCore
ContactContact
LocationLocation
MessageMessage
DocumentDocument
EventEvent
System.StorageSystem.Storage
System.WebSystem.Web
PersonalizationPersonalization
CachingCaching
SessionStateSessionState
System.XmlSystem.Xml
SchemaSchema
SerializationSerialization
XpathXpath
QueryQuery
PermissionsPermissions
PolicyPolicy
PrincipalPrincipal
TokenToken
System.SecuritySystem.Security
System.CollaborationSystem.Collaboration
RealTimeEndpointRealTimeEndpoint
TransientDataSessionTransientDataSession
SignalingSessionSignalingSession
MediaMedia
ActivitiesActivities
HttpWebRequestHttpWebRequest
FtpWebListenerFtpWebListener
SslClientStreamSslClientStream
WebClientWebClient
System.NetSystem.Net
NetworkInformationNetworkInformation
SocketsSockets
CacheCache
System.WebSystem.Web
AdministrationAdministration
ManagementManagement
NavigationNavigation
Peer GroupPeer Group
PolicyPolicy
SerializationSerialization
CompilerServicesCompilerServices
RecognitionRecognition
System.SpeechSystem.Speech
SynthesisSynthesis
4
Deployment ProblemsDeployment Problems
Installing client apps is fragileWill the install of app1 break app2?Traditional DLL hell problem
Installing client apps is hard & expensive
Must touch every clientBoth for 1st time install & subsequent updates
Installing client apps is fragileWill the install of app1 break app2?Traditional DLL hell problem
Installing client apps is hard & expensive
Must touch every clientBoth for 1st time install & subsequent updates
5
ClickOnce VisionClickOnce Vision
Bring the ease & reliability of web application deployment to client applications.
Bring the ease & reliability of web application deployment to client applications.
6
ClickOnce User Experience
Running a client app from the web
7
V1 of the .NET FrameworkV1 of the .NET Framework
Addressed #1 app safety issue, DLL Hell
Application IsolationControlled versioning of shared componentsDid not address application install safety
Began to address ease of deployment
Run from URL/UNC exes, browser controls…ClickOnce builds upon these technologies
Addressed #1 app safety issue, DLL Hell
Application IsolationControlled versioning of shared componentsDid not address application install safety
Began to address ease of deployment
Run from URL/UNC exes, browser controls…ClickOnce builds upon these technologies
8
Development ExperienceDevelopment Experience
Integrated VS SupportIntegrated to core project systemSetup is not a post-development operation
Publish WizardCopies application to web serverFTP, UNC, FrontPage Server Extensions
Integrated VS SupportIntegrated to core project systemSetup is not a post-development operation
Publish WizardCopies application to web serverFTP, UNC, FrontPage Server Extensions
9
ClickOnce End-To-End
Building, deploying & updating a client application
10
The Best of the Client & WebThe Best of the Client & Web
Web ClickOnce
MSI Client
Reach Y
No Touch Deployment Y Y
Low System Impact Y Y
Install/Run Per-User Y Y
Rich / Interactive Y Y
Offline Y Y
Windows Shell Integration Y Y
Per-Machine/Shared Components
Y
Unrestricted Install Y
11
Install GoalsInstall GoalsReduce install fragility
Allow what’s low impactEx. App file copy, start menu integration, etc…
Can always undo what was installed
Disallow what’s not low impactApps never run with admin rights (LUA)
Driver registration, COM objects, etc..
Custom actions; large source of install uncertainty
Expand the definition of “low impact”
Requires OS Changes. Starts with Longhorn
Reduce install fragility
Allow what’s low impactEx. App file copy, start menu integration, etc…
Can always undo what was installed
Disallow what’s not low impactApps never run with admin rights (LUA)
Driver registration, COM objects, etc..
Custom actions; large source of install uncertainty
Expand the definition of “low impact”
Requires OS Changes. Starts with Longhorn
12
Install-Time SupportInstall-Time SupportClickOnce “Whidbey”
ClickOnce “Longhorn
”
MSI
Low Impact Yes Yes No*Application Files Yes Yes YesStart Menu / ARP Yes Yes YesRegFree COM (XP)
Yes Yes Yes
File Associations Yes Yes
Shell Extensions Yes Yes
Managed Config Yes Yes
Shared Component
Yes
Custom Actions Yes*MSI is flexible, what it does is totally up to the MSI developer.
13
VS BootstrapperBridging the Gap to the FutureVS BootstrapperBridging the Gap to the Future
Lay down application pre-reqsEx. (.NET FX, Crystal, DirectX, MDAC, etc…)Must be an admin to run BootstrapperExtensible
Install ClickOnce application after pre-reqsUse ClickOnce for auto-updates No auto-updates of pre-reqs components
.NET FX V1.1 Bootstrapper available todayAll ClickOnce apps require the .NET FX
FX is part of “Longhorn”
Lay down application pre-reqsEx. (.NET FX, Crystal, DirectX, MDAC, etc…)Must be an admin to run BootstrapperExtensible
Install ClickOnce application after pre-reqsUse ClickOnce for auto-updates No auto-updates of pre-reqs components
.NET FX V1.1 Bootstrapper available todayAll ClickOnce apps require the .NET FX
FX is part of “Longhorn”
14
Declarative InstallDeclarative Install
Application ManifestDescribes the applicationEx.. What assemblies constitute the appAuthored by the developer
Deployment ManifestDescribes the application deploymentEx.. What version clients should runAuthored by the administrator
Application ManifestDescribes the applicationEx.. What assemblies constitute the appAuthored by the developer
Deployment ManifestDescribes the application deploymentEx.. What version clients should runAuthored by the administrator
15
Run & Update from the WebRun & Update from the Web
Deployment Manifest
1.0
Deployment Manifest
1.0Application Manifest
1.0
Application Manifest
1.0
Web Page w/ Link to Manifest
Web Page w/ Link to Manifest Application
Manifest
1.1
Application Manifest
1.1
Assembly List…
1.1
Assembly List…
16
Deployment OptionsDeployment Options
‘Installed’ ApplicationsFrom Web, UNC or CDStart Menu, Add/Remove ProgramsVaried update options
‘Launched' ApplicationsApp launches but doesn’t “install”No Start Menu, Add/Remove ProgramsAlways update on launch
‘Installed’ ApplicationsFrom Web, UNC or CDStart Menu, Add/Remove ProgramsVaried update options
‘Launched' ApplicationsApp launches but doesn’t “install”No Start Menu, Add/Remove ProgramsAlways update on launch
17
Update OptionsUpdate OptionsOn App Startup
If found, ask user to update app
After App StartupIf found, ask user to update on next run
ProgrammaticIntegrate update experience into app
Required Update can specify minimum version required
Background UpdatesUpdates drizzle in silently – like Windows Updates“Longhorn” only
On App StartupIf found, ask user to update app
After App StartupIf found, ask user to update on next run
ProgrammaticIntegrate update experience into app
Required Update can specify minimum version required
Background UpdatesUpdates drizzle in silently – like Windows Updates“Longhorn” only
18
Secure UpdatesSecure Updates
Only the original deployer can updateNo auto-deployment of viruses
Manifests are signedXMLDSIGDeployer key needed to publish updates
Only the original deployer can updateNo auto-deployment of viruses
Manifests are signedXMLDSIGDeployer key needed to publish updates
19
“Longhorn Web” Apps“Longhorn Web” Apps
Integrated with BrowserInstall UI built into browser Best possible user experienceLeverages Avalon app/navigation modelNo shell presence (ex. Start Menu shortcut)Runs in semi-trust
Progressive InstallApp automatically installs as it’s usedFile level install
Integrated with BrowserInstall UI built into browser Best possible user experienceLeverages Avalon app/navigation modelNo shell presence (ex. Start Menu shortcut)Runs in semi-trust
Progressive InstallApp automatically installs as it’s usedFile level install
20
“Longorn Web” Apps
Deploying & running an app in the browser
21
Security: The Sandbox (SEE)Security: The Sandbox (SEE)
Apps run in secure sandbox by default
Similar to IE javascriptEnsures applications are safe to run
Increased sandbox size“Longhorn” > “Whidbey” > .NET V1.1
VS helps author for the sandboxDebug in ZonePermissionCalcSecurity Exception helper
Apps run in secure sandbox by default
Similar to IE javascriptEnsures applications are safe to run
Increased sandbox size“Longhorn” > “Whidbey” > .NET V1.1
VS helps author for the sandboxDebug in ZonePermissionCalcSecurity Exception helper
22
Security: Sandbox Restrictions Security: Sandbox Restrictions
Some apps need more permissionUn-managed code access
Export to Excel or any MS Office integration
Un-restricted file accessUn-restricted network access
Some apps need more permissionUn-managed code access
Export to Excel or any MS Office integration
Un-restricted file accessUn-restricted network access
23
Security: Policy DeploymentSecurity: Policy Deployment
Application level policy“Trust this app”“App” defined by it’s app manifestBaked into core CLR security
Trust LicensesLicense issued by admin, deployed with appLicense indicates admin says app is trustedRequires only one-time (ever) client touch
To configure trusted license issuer
Application level policy“Trust this app”“App” defined by it’s app manifestBaked into core CLR security
Trust LicensesLicense issued by admin, deployed with appLicense indicates admin says app is trustedRequires only one-time (ever) client touch
To configure trusted license issuer
24
User ConsentUser Consent
Admins should make trust decisions, but…
Not always possibleHome users are their own admin
Users make trust decisions all the time
Putting a CD in their computerInstalling softwareSubmitting a Credit card to a web page
Admins should make trust decisions, but…
Not always possibleHome users are their own admin
Users make trust decisions all the time
Putting a CD in their computerInstalling softwareSubmitting a Credit card to a web page
25
User Consent DesignUser Consent Design
App request permissions neededRequests specified in app manifestVS helps identify needed permissions
Prompt is simple & binaryHappens at install / 1st launchCombined Install & Trust Prompt
User prompted if:App needs permissions above the sandboxAdmin has configured to allow prompting
App request permissions neededRequests specified in app manifestVS helps identify needed permissions
Prompt is simple & binaryHappens at install / 1st launchCombined Install & Trust Prompt
User prompted if:App needs permissions above the sandboxAdmin has configured to allow prompting
26
ClickOnce Security
Declarative security & user consent
27
ClickOnce APIsClickOnce APIs
Update SupportControl when & how the app updatesCheckForUpdate(), Update(), etc..
On-Demand SupportDownload files as neededDownload only required files at 1st installUse API to trigger download of files as neededReplaces Assembly.LoadFrom()
Update SupportControl when & how the app updatesCheckForUpdate(), Update(), etc..
On-Demand SupportDownload files as neededDownload only required files at 1st installUse API to trigger download of files as neededReplaces Assembly.LoadFrom()
28
Other Sessions…Other Sessions…
Session Date/TimeCLI400: Advanced Topics in Web Based Application Deployment for Windows Forms and "Avalon"
Wens, 2:00 PM
TLS344: Visual Studio "Whidbey": Deploying Applications Using ClickOnce
Wens, 10:00 AM
CLI303: Avalon: Creating Windows “Longhorn” User Experiences
Wens, 3:30 PM
CLI312: Windows “Longhorn”: Enhancements for a Trustworthy Application Experience
Wens, 5:00 PM
29
Call to ActionCall to Action
Use ClickOnce! Included in “Whidbey” & “Longhorn” Alphas
Give us your Feedback!What do you like?What’s missing?What did you have problems with?
Use ClickOnce! Included in “Whidbey” & “Longhorn” Alphas
Give us your Feedback!What do you like?What’s missing?What did you have problems with?
30© 2003-2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
