Deploying and Deploying and Maintaining Smart Client Maintaining Smart Client ApplicationsApplications

.Henrik Lykke Nielsen.Henrik Lykke NielsenSoftware arkitekt, CaptatorSoftware arkitekt, CaptatorMicrosoft Regional Director for DenmarkMicrosoft Regional Director for Denmark

lykke@captator.dklykke@captator.dkwww.captator.dk/captator.aspx?www.captator.dk/captator.aspx?blog=dothenrikblog=dothenrik

Today's AgendaToday's Agenda

Best practices for building well-designed, Best practices for building well-designed, secure, data-driven, smart client secure, data-driven, smart client applicationsapplications

Session 1: Designing and building Session 1: Designing and building smart clientssmart clients

Patterns and practices for smart clients, Patterns and practices for smart clients, IssueVisionIssueVision

Session 2: Securing smart client Session 2: Securing smart client applicationsapplications

Tips for secure data, CAS, encryption, and moreTips for secure data, CAS, encryption, and more

Session 3: The ins and outs of secure Session 3: The ins and outs of secure data accessdata access

Best practices for smart client data, offline dataBest practices for smart client data, offline data

Session 4: Deploying and maintaining Session 4: Deploying and maintaining smart clientssmart clients

Tips for deploying and updating apps to avoid Tips for deploying and updating apps to avoid “DLL Hell”“DLL Hell”

AgendaAgenda

The “Deployment Big 3” for smart The “Deployment Big 3” for smart clientsclients

Drill-Down: Design choices for Drill-Down: Design choices for deployment deployment

No Touch Deployment optionsNo Touch Deployment options

Installing the .NET runtime with your appInstalling the .NET runtime with your app

Best practices for deploying Smart Client Best practices for deploying Smart Client apps apps

Drill-Down: Design choices for Drill-Down: Design choices for updatingupdating

Automatic update optionsAutomatic update options

Best practices for updating Smart Client Best practices for updating Smart Client appsapps

Avoid CollisionsAvoid Collisions

Avoid collisions between apps and versions!Avoid collisions between apps and versions!Installing App B must not break App AInstalling App B must not break App A

.NET Application Isolation .NET Application Isolation Private deployment by defaultPrivate deployment by default

By default .NET applications use the assembly By default .NET applications use the assembly versions they were built with, not the latestversions they were built with, not the latest

Multiple versions coexist by defaultMultiple versions coexist by default““Side-by-Side” installationSide-by-Side” installationSharing, if any, is controlled and explicitSharing, if any, is controlled and explicitCan be shared by installing to the Global Assembly Can be shared by installing to the Global Assembly Cache (GAC)Cache (GAC)

No DLL registrationNo DLL registrationJust copy filesJust copy files

Protect Resources and Protect Resources and DataDataControl which local data and resources Control which local data and resources

your application may access!your application may access!

.NET Code Access Security.NET Code Access SecurityAccess is controlled based on evidenceAccess is controlled based on evidence

Who created the program (code signing)Who created the program (code signing)

Where the program came fromWhere the program came fromCorporate intranet, specific manufacturer, Web site, Corporate intranet, specific manufacturer, Web site, etc.etc.

In .NET, resource security can be In .NET, resource security can be controlled at deployment timecontrolled at deployment time

Tools including CASPOL and Group Policy Tools including CASPOL and Group Policy help administrators manage secure access help administrators manage secure access policiespolicies

Control CostsControl Costs

Control deployment and update costs!Control deployment and update costs!Easy, “self-service” installationEasy, “self-service” installation

Automatic detection and download of Automatic detection and download of updatesupdates

Low Cost .NET Deploy and UpdateLow Cost .NET Deploy and UpdateJust copy files to the deployment Just copy files to the deployment locationlocation

.NET No Touch Updates detect, .NET No Touch Updates detect, download and apply updatesdownload and apply updates

Drill-Down: Drill-Down: Design Choices for Design Choices for DeploymentDeployment

• Run From Web

• Code Download

• MSI-Deployed

• Installing the .NET Framework

Deployment OptionsDeployment Options

.NET offers several options for .NET offers several options for deploying and installing smart clientsdeploying and installing smart clientsThis discussion focuses on three This discussion focuses on three common choices:common choices:

Run From WebRun From WebUser runs the app by clicking a link in a Web User runs the app by clicking a link in a Web pagepage

Code downloadCode downloadUser runs a bootstrap program from their User runs a bootstrap program from their desktop that downloads and executes code desktop that downloads and executes code from the Web (or intranet)from the Web (or intranet)

MSI-deployedMSI-deployedUser runs the application locally. The User runs the application locally. The application downloads updates from the Web application downloads updates from the Web (or intranet)(or intranet)

Run From WebRun From Web

Entire app is downloaded to Entire app is downloaded to Assembly Download CacheAssembly Download Cache

IEExec process launches the app with IEExec process launches the app with restricted security settingsrestricted security settings

AdvantagesAdvantagesVery easy to deploy / updateVery easy to deploy / update

LimitationsLimitationsRuns only inside Internet Explorer 5.01+ Runs only inside Internet Explorer 5.01+

Semi-trustedSemi-trusted

Can be difficult for users to discoverCan be difficult for users to discover

Run From WebRun From Web

Run From WebRun From Web

Opsætning af sikkerhed på klientenOpsætning af sikkerhed på klientenLagret som XML i:Lagret som XML i:C:\WINDOWS\Microsoft.NET\Framework\C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIGv1.1.4322\CONFIG

.NET Framework 1.1 Configuration MMC .NET Framework 1.1 Configuration MMC snap-insnap-in

CASPOL command line toolCASPOL command line tool

Via MSI:Via MSI:Lavet vha. .NET Framework Configuration Lavet vha. .NET Framework Configuration snap-insnap-in

Vha. kode: System.Security.Policy Vha. kode: System.Security.Policy namespacetnamespacet

Code DownloadCode Download

Program is partitioned into Program is partitioned into assemblies that are downloaded as assemblies that are downloaded as neededneeded

‘‘Stub’ program is installed on local PCStub’ program is installed on local PC

The stub downloads and runs assemblies The stub downloads and runs assemblies from the Web or intranet using from the Web or intranet using Assembly.LoadFrom()Assembly.LoadFrom()

AdvantagesAdvantagesSmall installation size, incremental Small installation size, incremental updatesupdates

Launched from My ProgramsLaunched from My Programs

Fairly easy to deploy and updateFairly easy to deploy and update

Code Download, continuedCode Download, continuedLimitationsLimitations

Application must be factored appropriately Application must be factored appropriately (hard to do)(hard to do)

Local footprint requires an install processLocal footprint requires an install process

No support for working offlineNo support for working offline

No support for side-by-side versionsNo support for side-by-side versions

Updates occur only when app or module is Updates occur only when app or module is loadedloaded

Permissions based on where assembly came Permissions based on where assembly came fromfrom

Must be connectedMust be connected

Best used for…Best used for…Apps that have distinct functional modules Apps that have distinct functional modules

Apps that can tolerate download delaysApps that can tolerate download delays

Code DownloadCode Download

Client Install Via MSIClient Install Via MSI

Deployed to a client machine from a Deployed to a client machine from a web location, a UNC share or a file web location, a UNC share or a file locationlocation

Functions like a standard Windows Functions like a standard Windows applicationapplication

AdvantagesAdvantagesBest range of Smart Client functionality, Best range of Smart Client functionality, including offlineincluding offlineBest performanceBest performanceBest integration with the Windows shellBest integration with the Windows shell

My Programs shortcuts, Add/Remove My Programs shortcuts, Add/Remove programsprograms

Supports working offlineSupports working offlineSupports updater technologiesSupports updater technologies

Client Install Via MSI, cont.Client Install Via MSI, cont.

LimitationsLimitationsLocal footprint requires an install processLocal footprint requires an install process

Best used for…Best used for…Apps that require the best possible client Apps that require the best possible client performanceperformance

Apps that let the user work offlineApps that let the user work offline

Apps that access local resourcesApps that access local resources

Apps that support side-by-side versionsApps that support side-by-side versions

Bundling the .NET Bundling the .NET FrameworkFramework

Free redistributable version of .NET Free redistributable version of .NET FrameworkFramework

Stand-alone executable file, Stand-alone executable file, dotnetfx.exedotnetfx.exe

Distribute via SMS, Active Directory or bundle Distribute via SMS, Active Directory or bundle with appwith app

More information:More information:http://msdn.microsoft.com/library/en-us/dnnetdep/htmhttp://msdn.microsoft.com/library/en-us/dnnetdep/html/redistdeploy1_1.aspl/redistdeploy1_1.asp

Example project from MSDNExample project from MSDNhttp://www.microsoft.com/downloads/http://www.microsoft.com/downloads/details.aspx?FamilyIddetails.aspx?FamilyId=BF253CFD-1EFC-4FC5-BA7E-6A6F21403495=BF253CFD-1EFC-4FC5-BA7E-6A6F21403495

Shareware plug-in to Visual Studio .NETShareware plug-in to Visual Studio .NETAutomates adding dotnetfx.exe to you setup projectAutomates adding dotnetfx.exe to you setup project

http://http://www.gotdotnet.com/community/workspaces/workspacwww.gotdotnet.com/community/workspaces/workspace.aspx?IDe.aspx?ID=2F8F0A23-F529-4158-8E0A-D187D16F41F1=2F8F0A23-F529-4158-8E0A-D187D16F41F1

Best Practices #1: Best Practices #1: DeploymentDeployment

Design up front for deploymentDesign up front for deploymentChoose the deployment option that best fits Choose the deployment option that best fits your app…your app…

PerformancePerformanceSecuritySecurityFunctionalityFunctionality

And, helps you control maintenance costsAnd, helps you control maintenance costsBe careful about sharing code between Be careful about sharing code between applicationsapplications

Use application isolation to avoid future collisionsUse application isolation to avoid future collisions

Grant access only to the resources and Grant access only to the resources and data it needsdata it needsBundle .NET with your application if users Bundle .NET with your application if users might not have it alreadymight not have it already

Drill-Down: Drill-Down: Design Choices for Design Choices for UpdatingUpdating

• Update Web Hosted DLLs

• Application Updater

Updating OptionsUpdating Options

““Always up-to-date”Always up-to-date”Run-From-Web and Code Download apps Run-From-Web and Code Download apps

““Price” is no side-by-sidePrice” is no side-by-side

Application UpdaterApplication UpdaterTwo code blocks from Microsoft make Two code blocks from Microsoft make updating client-installed applications updating client-installed applications easiereasier

AppUpdater componentAppUpdater componentEasier to implementEasier to implement

Updater Application BlockUpdater Application BlockBest choice for enterprise-grade applicationsBest choice for enterprise-grade applications

Application UpdaterApplication Updater

How it works:How it works:Polls for available updatesPolls for available updates

Detects via manifest file or folder/file checkDetects via manifest file or folder/file check

Downloads updates in the backgroundDownloads updates in the backgroundApplies updatesApplies updatesRestarts the applicationRestarts the application

.NET Application Updater Component.NET Application Updater Componentwindowsforms.net/articles/windowsforms.net/articles/appupdater.aspxappupdater.aspx

Application Updater Block from Application Updater Block from Patterns and PracticesPatterns and Practices

http://msdn.microsoft.com/library/en-http://msdn.microsoft.com/library/en-us/dnbda/html/updater.asp us/dnbda/html/updater.asp

Deploying and Deploying and Updating IssueVisionUpdating IssueVision

Captator.Eifos.UpdatingCaptator.Eifos.Updating

Launcher.exe startes i stedet for selve Launcher.exe startes i stedet for selve app’enapp’enAuthentication mod XML web service Authentication mod XML web service (WSE2)(WSE2)Henter AppInfo og info om download-Henter AppInfo og info om download-server(e) fra central server (via WS)server(e) fra central server (via WS)

Kan eksempelvis afhænge af authenticated Kan eksempelvis afhænge af authenticated brugerbrugerSammenligner med lokal AppInfoSammenligner med lokal AppInfo

Henter og installerer nye komponenter Henter og installerer nye komponenter (WSE2)(WSE2)

IDirectoryStrategyIDirectoryStrategy

Kalder eventuelle upgrade Kalder eventuelle upgrade funktionaliteterfunktionaliteterLauncher (nyeste) version af Launcher (nyeste) version af applikationenapplikationen

Best Practices for UpdatingBest Practices for Updating

Design and plan for updating Design and plan for updating

Evaluate updating deployment Evaluate updating deployment optionsoptions

Web-Deployed, Code Download Web-Deployed, Code Download Check for updates every time they are Check for updates every time they are launchedlaunched

Check for updates Check for updates onlyonly when they are when they are launchedlaunched

MSI-Deployed MSI-Deployed Supports side-by-side versionsSupports side-by-side versions

Can automatically update the running Can automatically update the running applicationapplication

Use Application Updater blockUse Application Updater block

SummarySummary

.NET solves the “Deployment Big 3” for .NET solves the “Deployment Big 3” for smart client applicationssmart client applications

Avoids collisions, protects resources and data, Avoids collisions, protects resources and data, controls deployment and updates costscontrols deployment and updates costs

Control your deployment costs by installing Control your deployment costs by installing applications from an intranet or Internet applications from an intranet or Internet locationlocation

Control your maintenance costs using No Control your maintenance costs using No Touch updatingTouch updating

Use Updater Application Block for enterprise-Use Updater Application Block for enterprise-grade applicationsgrade applications

ResourcesResourcesDeploying and Distributing OverviewDeploying and Distributing Overviewhttp://msdn.microsoft.com/vbasic/using/deployinghttp://msdn.microsoft.com/vbasic/using/deploying

Patterns and PracticesPatterns and Practiceswww.microsoft.com/resources/practices/bytaskImplewww.microsoft.com/resources/practices/bytaskImplement.aspment.asp

.NET Framework 1.1 Deployment Guide.NET Framework 1.1 Deployment Guidemsdn.microsoft.com/library/default.asp?url=/library/emsdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetdep/html/dotnetframedepguid1_1.asp?_r=1n-us/dnnetdep/html/dotnetframedepguid1_1.asp?_r=1

Microsoft Visual Studio .NET 2003 Microsoft Visual Studio .NET 2003 Bootstrapper Plug-InBootstrapper Plug-Inwww.microsoft.com/downloads/details.aspx?www.microsoft.com/downloads/details.aspx?

FamilyId=627921A0-D9E7-43D6-A293-FamilyId=627921A0-D9E7-43D6-A293-2F9C370BD19&displaylang=en2F9C370BD19&displaylang=en

Nyheder, artikler, information, …Nyheder, artikler, information, …www.captator.dkwww.captator.dk

Smart Clients in ReviewSmart Clients in Review

The best of Windows with the best of the WebThe best of Windows with the best of the WebCost-effective deployment of programs and updatesCost-effective deployment of programs and updates

Best practice for data: Best practice for data: Use stored procedures, if possibleUse stored procedures, if possible

Use optimistic concurrencyUse optimistic concurrency

For offline data, use DataSet to help you work with data For offline data, use DataSet to help you work with data locally, and sync changes back to the serverlocally, and sync changes back to the server

Best practice for security: Let it work for you! Best practice for security: Let it work for you! Smart Client apps give you fine grain control over who Smart Client apps give you fine grain control over who gets to do (or see) what.gets to do (or see) what.

Best practice for deployment: Control your Best practice for deployment: Control your deployment costs by downloading applications deployment costs by downloading applications and updates from an intranet or Internet locationand updates from an intranet or Internet location

© 2003-2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.