ClickOnce and WCF
April 6th, 2006
I’ve been concerned about the relationship between ClickOnce and WCF. A lot of buzz has been generated regarding the partial-trust scenario not being supported for WCF v1. I see this as something desirable, but it is not the end of the world.
I’ve written a Smart Client application that leverages WCF. I wanted to deploy it, so I chose ClickOnce. ClickOnce supports installing prerequisites as part of the whole process, so I downloaded WinFx and included it as part of the installation. If you are interested in how to do this, keep reading.
WCF is part of the WinFX Runtime Components, which is currently in Beta 2 (Feb CTP). The installation of this runtime requires Admin privileges and the size of the Redistributable package is 45.3 MB.
These are the alternatives to distribute it on client desktops:
- Install WinFx manually on each desktop
- Use SMS to distribute WinFx
- Include WinFx as part of the prerequisites of the ClickOnce application
- Distribute an MSI which includes WinFx
I was interested in the 3rd option, so let’s analyze it further.
Include WinFx as part of the prerequisites of the ClickOnce application
ClickOnce has a feature that allows the prerequisites of the application to be included in the deployment. When the application is published, it creates a setup bootstrapper that will download and install all the prerequisites (if they are not installed yet) before the ClickOnce application is executed. This way the deployment is more controlled, as it is a single package.
The user executing the setup bootstrapper must have Admin privileges. If the logged-on user does not have Admin privileges, an option would be to execute Internet Explorer with “Run As…” and log in with a local administrator account. This will at least install the prerequisites, and also the application, in the Administrator profile. Later you would need to open a new IE instance and launch the app again as the currently logged-on user.
The following sequence illustrates the install of prerequisites (.Net Framework 2.0 and WinFx Beta 2)
Figure 1. Prerequisites of the application listed in the Publish ClickOnce html file
Figure 2. Pressing Install will launch the bootstrapper that detects the uninstalled prerequisites: .Net Framework 2.0 and WinFx Runtime Components Beta 2
Figure 3. The setup downloads the prerequisites from a specific location
Figure 4. After downloading, the setup will install the WinFx Runtime Components
Using WCF on your application requires more CAS permissions (FullTrust)
In many real scenarios, developers need their applications to run as a Partial Trust Application, but need more permissions. For example, you may need to use a SQL Client. To solve this kind of problem, ClickOnce introduces a feature called Permission Elevation, which allows an application without enough permissions to request them from the user. If the user accepts, then the needed permissions are granted and the application can run normally. This can go all the way up to FullTrust, which is the requirement for WCF. Besides, for scenarios in which users should not make these kinds of decisions, a practical solution is offered: system administrators can sign the application manifests or set a deployment policy that specifies that a publisher is a trusted source. This way, permissions will automatically be granted before the application loads.
Figure 5. Installing the application and permission elevation
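The permission request described above lives in the trustInfo section of the ClickOnce application manifest, so it can be reviewed before a publisher is trusted. The script below is an added example, not code from the original post: it reports whether a manifest asks for FullTrust or a named set of permissions and whether it carries signing metadata. The two manifests are constructed and trimmed, and the function and field names are illustrative.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed manifests: only the elements this audit reads.
HEAD = ('<asmv1:assembly xmlns="urn:schemas-microsoft-com:asm.v2" '
        'xmlns:asmv1="urn:schemas-microsoft-com:asm.v1">')
FULL_TRUST = HEAD + """
  <trustInfo><security><applicationRequestMinimum>
    <PermissionSet Unrestricted="true" ID="Custom" SameSite="site" />
    <defaultAssemblyRequest permissionSetReference="Custom" />
  </applicationRequestMinimum></security></trustInfo>
  <publisherIdentity name="CN=Constructed Publisher" issuerKeyHash="00" />
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" />
</asmv1:assembly>"""
SQL_ONLY = HEAD + """
  <trustInfo><security><applicationRequestMinimum>
    <PermissionSet class="System.Security.PermissionSet" version="1" ID="Custom">
      <IPermission class="System.Data.SqlClient.SqlClientPermission, System.Data"
                   version="1" Unrestricted="true" />
    </PermissionSet>
    <defaultAssemblyRequest permissionSetReference="Custom" />
  </applicationRequestMinimum></security></trustInfo>
</asmv1:assembly>"""

def _local(tag):  # strip the '{namespace}' prefix ElementTree puts on tag names
    return tag.rsplit("}", 1)[-1]

def audit_manifest(xml_text):
    """Report what a manifest requests and whether it carries signing metadata.
    A <Signature> element is only detected here, NOT cryptographically verified."""
    by_name = {}
    for el in ET.fromstring(xml_text).iter():
        by_name.setdefault(_local(el.tag), []).append(el)
    ref = next((e.get("permissionSetReference")
                for e in by_name.get("defaultAssemblyRequest", [])), None)
    report = {"trust": "none-requested", "permissions": [],
              "publisher": None, "signature_block": "Signature" in by_name}
    for ps in by_name.get("PermissionSet", []):
        if ps.get("ID") != ref:
            continue  # not the set the application actually requests
        if ps.get("Unrestricted", "").lower() == "true":
            report["trust"] = "FullTrust"  # the WCF v1 requirement named above
        else:
            report["trust"] = "partial"
            report["permissions"] = [p.get("class", "").split(",")[0]
                                     for p in ps if _local(p.tag) == "IPermission"]
    for pub in by_name.get("publisherIdentity", []):
        report["publisher"] = pub.get("name")
    return report
```

Calling audit_manifest(FULL_TRUST) and audit_manifest(SQL_ONLY) shows the two cases side by side; an unsigned manifest that requests FullTrust is the combination to question before adding its publisher to a trust policy.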
Creating the prerequisites
WinFx does not come as a prerequisite in the Visual Studio 2005 Publish tab. However, we can create our own prerequisite with any MSI or EXE installation.
The process to do this is:
- Create a new folder called "WinFx" here %Program Files%\Microsoft Visual Studio 8\SDK\v2.0\BootStrapper\Packages
- Use the Bootstrapper Manifest Generator to create the manifest for WinFx. I’ve created it already for WinFx.
- Copy the manifest to %Program Files%\Microsoft Visual Studio 8\SDK\v2.0\BootStrapper\Packages\WinFx
- Copy the WinFx Runtime Components redistributable to the same folder
- Restart Visual Studio 2005
More resources
- Adding Custom Prerequisites: http://msdn2.microsoft.com/en-us/library/ms165429.aspx
- How to: Install Prerequisites with a ClickOnce Application: http://msdn2.microsoft.com/en-us/library/8st7th1x.aspx
- Brian Noyes ClickOnce article, http://msdn.microsoft.com/msdnmag/issues/04/05/clickonce/default.aspx
- Security Considerations for ClickOnce Deployments: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dv_vstechart/html/ClickOnceSec.asp
- ClickOnce Deployment and Security: http://msdn2.microsoft.com/en-us/library/76e4d2xw.aspx
April 9th, 2006 at 12:48 pm
Excellent job, Matias.
– Clemens
April 10th, 2006 at 12:40 am
I don’t think it is a correct point of view.
The problem is that WCF does not work correctly with CAS — and CAS is a substantial, huge part of .NET security technology and philosophy.
And what do you say? You say “just forget about CAS — it is easy to skip it at all”.
April 10th, 2006 at 5:57 am
Hi mihailik,
I’m not saying “just forget about CAS”. I’m saying “it’s not the end of the world”. Especially in controlled scenarios where you can sign your manifest and make your app trusted. This was the scenario I was concerned about: Enterprise Smart Client applications.
Again, I’m not giving any justification for the reason why WCF only runs with FullTrust. They didn’t make it for v1 and we cannot do anything about that. I’m saying “Hey, you can use ClickOnce and you can have WinFx install as part of the app prerequisites; you can use WCF with permission elevation and a trusted publisher; that is a viable solution for me”. You can take it or leave it. I just wanted to share it.
Matias
April 10th, 2006 at 8:20 am
Matias, actually you propose to throw CAS out. It is what this thing is going to be really.
It may be viable for Enterprise applications or other areas — or not viable. But if your solution places a FullTrust assertion on that library, it skips CAS. There is no choice — FullTrust means no CAS.
I understand why you propose it — because there is no other option. But it doesn’t mean this option is good. It’s just the best existing.
April 10th, 2006 at 8:33 am
But I should say, installing WinFX as part of the ClickOnce process is a cool, powerful thing. Thank you, Matias.
I’ll recall that prerequisites place of documentation. Nice!
Of course, running IE as admin is a dirty thing. The IE window does not show its “privileged” nature by any visual difference. So, when somebody completes the installation he/she could just forget about it and reuse this IE instance for normal surfing. So some malware could come in with a high-privileged account.
April 14th, 2006 at 5:53 pm
I am trying to execute a batch file on the client machine in order to install a server certificate (x509) on the client machine. I have included certmgr.exe and the batch file in the ClickOnce deployment, but the problem is that the batch file always takes the path of the desktop, not the directory path where ClickOnce places all the files. Is there any other way to install the certificate on the client machine?
April 14th, 2006 at 8:17 pm
You can access the Data path of the clickonce installation using this:
System.Deployment.Application.ApplicationDeployment.CurrentDeployment.DataDirectory
Make sure you mark the batch and the certmgr as Data.
http://msdn2.microsoft.com/en-US/library/6fehc36e(VS.80).aspx
Matias
June 27th, 2006 at 6:26 pm
I tried to add the WinFx as given in the steps above. But I get the error given below when I click on install from the client machine. Any clues on why it is happening?
Running checks for package ‘WinFx Runtime Components Beta 2 (Feb CTP)’, phase BuildList
Reading value ‘Version’ of registry key ‘HKLM\Software\Microsoft\Internet Explorer’
Read string value ‘6.0.3790.1830′
Setting value ‘6.0.3790.1830 {string}’ for property ‘IEVersion’
The following properties have been set for package ‘WinFx Runtime Components Beta 2 (Feb CTP)’:
Property: [IEVersion] = 6.0.3790.1830 {string}
Running checks for command ‘WinFXFebCTP\winfxrc.exe’
Result of running operator ‘ValueEqualTo’ on property ‘AdminUser’ and value ‘false’: false
Skipping FailIf because Property ‘Version9X’ was not defined
Result of running operator ‘VersionLessThan’ on property ‘VersionNT’ and value ‘5.0.3′: false
Result of running operator ‘ValueNotExists’ on property ‘IEVersion’: false
Result of running operator ‘VersionLessThan’ on property ‘IEVersion’ and value ‘5.01′: false
Result of running operator ‘ValueNotEqualTo’ on property ‘ProcessorArchitecture’ and value ‘Intel’: false
Result of checks for command ‘WinFXFebCTP\winfxrc.exe’ is ‘Install’
‘WinFx Runtime Components Beta 2 (Feb CTP)’ RunCheck result: Install Needed
EULA for components ‘WinFx Runtime Components Beta 2 (Feb CTP)’ was accepted.
Copying files to temporary directory “C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\”
Downloading files to “C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\”
(6/27/2006 7:39:33 PM) Downloading ‘WinFXFebCTP\winfxrc.exe’ from ‘WinFXExe’ to ‘C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\’
Download completed at 6/27/2006 7:39:33 PM
Downloading failed with HRESULT=-2146697203
(6/27/2006 7:39:35 PM) Downloading ‘WinFXFebCTP\winfxrc.exe’ from ‘WinFXExe’ to ‘C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\’
Download completed at 6/27/2006 7:39:35 PM
Downloading failed with HRESULT=-2146697203
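The bootstrapper log above prints the failure HRESULT as a signed decimal and shows the download source as ‘WinFXExe’. The script below is an added example, not part of the comment or the original post: it pairs each failed download with its source, converts the HRESULT to its usual hexadecimal form, and flags a source that is not a URL. The log lines are copied from the comment; the URLMON table holds only a few urlmon.h codes, and the function and field names are illustrative.

```python
import re

# Lines copied from the setup log quoted in the comment above.
LOG = r"""(6/27/2006 7:39:33 PM) Downloading ‘WinFXFebCTP\winfxrc.exe’ from ‘WinFXExe’ to ‘C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\’
Download completed at 6/27/2006 7:39:33 PM
Downloading failed with HRESULT=-2146697203
(6/27/2006 7:39:35 PM) Downloading ‘WinFXFebCTP\winfxrc.exe’ from ‘WinFXExe’ to ‘C:\DOCUME~1\unigudka\LOCALS~1\Temp\2\VSD2.tmp\’
Download completed at 6/27/2006 7:39:35 PM
Downloading failed with HRESULT=-2146697203"""

# A few FACILITY_INTERNET (urlmon.h) error codes; the table is not exhaustive.
URLMON = {
    0x800C0002: "INET_E_INVALID_URL",
    0x800C0005: "INET_E_RESOURCE_NOT_FOUND",
    0x800C0006: "INET_E_OBJECT_NOT_FOUND",
    0x800C0008: "INET_E_DOWNLOAD_FAILURE",
    0x800C000D: "INET_E_UNKNOWN_PROTOCOL",
}
DOWNLOAD = re.compile(r"Downloading [‘'](.+?)[’'] from [‘'](.+?)[’'] to ")
FAILED = re.compile(r"failed with HRESULT=(-?\d+)")
SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")

def triage(log_text):
    """Return one finding per failed download, tied to the attempt before it."""
    findings, last = [], None
    for line in log_text.splitlines():
        m = DOWNLOAD.search(line)
        if m:
            last = {"file": m.group(1), "source": m.group(2)}
            continue
        m = FAILED.search(line)
        if m and last:
            hr = int(m.group(1)) & 0xFFFFFFFF  # signed decimal -> unsigned 32-bit
            findings.append({**last,
                             "hresult": f"0x{hr:08X}",
                             "facility": (hr >> 16) & 0x1FFF,
                             "name": URLMON.get(hr, "unknown"),
                             "source_has_scheme": bool(SCHEME.match(last["source"]))})
    return findings

if __name__ == "__main__":
    for finding in triage(LOG):
        print(finding)
```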