- ClickOnce Security Overview
- Internet Explorer Security Settings Affecting ClickOnce
- Configuring ClickOnce Security Permissions
- Understanding and Managing Publisher Certificates
- Signing Application Updates
- User Prompting
- Trusted Applications' User Security Policies
- Trusted Publishers' Permission Elevation
- Adding Restricted Code Sections
- Securing the Application Based on User Roles
- Securing Access to ClickOnce Application Files on the Server
- Where Are We?
Where Are We?
This chapter discussed the complex security mechanisms and options for ClickOnce deployment. You learned about the way ClickOnce applications identify the set of permissions that they require to run, how the .NET runtime determines what permissions they would be granted based on their launch URL, and how permissions can be elevated through user prompting or trusted publishers. You learned about certificates and their role in protecting application files from tampering and in determining trust relationships with application publishers.
The following are some of the key takeaways from this chapter.
- ClickOnce provides both install-time and runtime protections to the client machine.
- ClickOnce checks to see if an application requires more permission than it would be granted by default based on its launch URL. If so, it will elevate permissions based on either user prompting (the default) or trusted publishers.
- Manifests are signed by Class 3 Code Signing Authenticode certificates. Configuring a certificate as a trusted publisher on a client machine will avoid user prompting for most deployment zones.
- You can restrict access to deployment server application files based on Access Control Lists if all users will come from the local network and their logged-in user identities can be determined based on the individual file requests.
In the next chapter, we will look at how to configure and deploy prerequisites for your ClickOnce applications. Prerequisites include setup steps that require administrative privileges you do not want to require your users to have.