How to specify user credentials for a click-once application?

Question

For a regular .exe file i can always right click and select "run as..". How can i run a Click-Once application under different credentials in a similar way?

I am talking about the application itself, not the installer.

Answer 1

This is actually possible, you just need to do it in two steps. First you'll need to launch ClickOnce (dfsvc.exe) as the user you are trying to impersonate and then you can launch the deploy application using rundll32, something like this:

(From the command line)

1.- Click once:

runas /user:domain\user "c:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe"

2.- Launch app:

runas /user:domain\user "rundll32 c:\Windows\System32\dfshim.dll,ShOpenVerbApplication http://someurl.com/tool.application"

Note that you only need to run dfsvc.exe once if you need to launch multiple apps and it will go away after a while once you close all your impersonated click once applications.

Answer 2

The answer really is no, you shouldn't do this. ClickOnce applications are installed under the user profile and belong only to that user. THey will not and do not work as an all-user installation.

Also note that if you double-click on the [exe] file (the location of which changes every time there is an update), it will not look for updates, it will not check the files to make sure they haven't been tampered with. In other words, it will not run as a ClickOnce application.

I also think passing the username and password in the query string is ill-advised because anybody running fiddler or charles or any other network traffic sniffer will be able to see the credentials.