Geeks With Blogs
Saqib Ullah BootStrapper Know How

Yesterday I wrote simple Windows application on .Net 2.0, after the completion of development and little bit testing of application I deployed it’s on the user machine by using the new feature of .Net 2.0 called ClickOnce [that is only available in Microsoft .Net 2.0 frameworks and above version]. This is one of most impressive feature set of the .Net 2.0 for application deployment. At this moment don’t think that Windows Installer technology is gone, it is still present with strong arms in the Windows and Web applications deployment. ClickOnce is mainly focused on bringing simplicity of application deployment. If you want to deploy your [old or new] applications with ClickOnce, you simply need to place the application files on a Web server or file server and publish application manifest by the help of “Publish.htm” web page. Deploying application with ClickOnce in Visual Studio 2005 is very trivial task and you can easily publish the application by using Publish Wizard. To access the Publish Wizard, simply right-click the project name in the Solution Explorer, then select Publish from the context menu. Alternatively, you can access the Wizard from the Publish tab of the Project Properties dialog box.


How ClickOnce Works

Once the development and testing of application done move the application to the Web server or file server for the deployment [there is no rocket science involve in the movement of application to Web or file server simply copying the file into the server folder]. Publish application from publish wizard and click the browse button that open [Open Web site form] from here you can easily publish application on the following locations.

·          File System

·          Local IIS

·          FTP Site

·          Remote Site

Follow the wizard steps and click the finish button in the end. Publishing of assembly start and Visual Studio 2005 automatically start the “Publish.htm” page for you. All application and deployment manifest files that describe the deployment to the ClickOnce should be present in the Web or file folder of the deployment server. One feature set of ClickOnce technology is automatically installation of all necessary bootstrapper on the client machine base on configuration in the manifest files. ClickOnce allow the application to check the version updates after and before application starts and so Microsoft Background Intelligent Transfer Service does not plays its role here I will discuss BITS service in my upcoming blogs.


What you give to client

I know what question is coming to your mind what I give to my user and the answer is very simple URL.

Actually this is the last thing in the deployment cycle of the ClickOnce, a link to the deployment manifest is provider to the user in the form of a URL (as a hyperlink or shortcut). When a user click on that link, the .Net runtime on the client machine will recognize the file extension and perform a ClickOnce deployment of the application on the user’s desktop.


Hello I m Security I m on Top
CLR Code Access Security CAS is the spine of ClickOnce deployment. ClickOnce deployed application always run in the special boundary of the CLR called sandbox. ClickOnce application has the ability to do safe and unsafe job mean open database connection, accessing registry and calling unmanaged code. Permission of the user is very common issue in the ClickOnce deployment so it’s possible user get more permission then its required or user get less permission for the running of application so in this scenario user prompt and application will get the permissions it requested. An alternative way is to sign the application with the authenticode certificate. Admin right is not required for the ClickOnce application, if we say ClickOnce are installed on per-user bases so it true [ClickOnce deployment is not machine deployment]. File security is also the issue and is maintain by hash (a value that summarizes a larger piece of data and can be used to verify that the data has not be been modified since the hash was generated by Shawn Wildermuth and Tony Northrup). The manifests have a hash of all the files they reference, so application integrity can be ensured, even if the application files are not signed.


When use ClickOnce

Not ever technology is applicable ever time so it’s the responsibility of the deployer to select the best and secure technology for the application deployment. ClickOnce is not suited for applications that need admin level permission to run, so if you think that your application should require admin privilege for installation Windows Installer MSI is the better choose for you. Another reason of selecting MSI is if your application is doing any operation that apply on per-machine bases or installing share components (GAC). MSI more robust then ClickOnce.


Requirements & OS Support

ClickOnce needs only an HTTP 1.1 on server side or file server and all Microsoft .Net 2.0 Framework supported Operating System support ClickOnce. Next version of the Microsoft OS “Vista” keep continuing ClickOnce with the support of Background Intelligent Transfer Service.

Posted on Thursday, April 19, 2007 9:38 AM .Net | Back to top

Comments on this post: ClickOnce Deployment

# re: ClickOnce Deployment
Requesting Gravatar...
great effort!
Left by Murtaza on Apr 21, 2007 2:32 AM

# re: ClickOnce Deployment
Requesting Gravatar...
I m facing one problem - when i try publish smart client in localhost, it works but when i try to publish on remote machine it gives me error - failed to connect http://ecindia/appname unable to create web...

Left by Dharmesh on Aug 07, 2007 11:18 PM

Your comment:
 (will show your gravatar)

Copyright © Saqib Ullah | Powered by: