Menu
I am using ClickOnce to distribute an application from a website URL. The application has a few merge modules such as ADO ActiveSync that requires the ClickOnce installer to download the dependecy.
If I password protect the URL, the user can log in and start the Click Once process using the publish.htm page. The process fails when it tries to download the dependecy files since ClickOnce is not supplying the authentication information. Is there a setting I can use so that ClickOnce can log back into the website it was just started from and download the merge modules?
I don't really care if the username/password is stored in the XML config files in plain text. I just want to stop anyone in the world from downloading the app.
355
ClickOnce is old technology no longer supported by Microsoft.
ClickOnce Publish properties are used to specify when and how often the application should check for updates. Update behavior can be specified in the deployment manifest, or it can be presented as user choices in the application's user interface by means of the ClickOnce APIs.
To enable ClickOnce security settings With a project selected in Solution Explorer, on the Project menu, click Properties. Click the Security tab. Select the Enable ClickOnce Security Settings check box. You can now customize the security settings for your application on the Security page.
To specify prerequisites to install with a ClickOnce application. With a project selected in Solution Explorer, on the Project menu click Properties. Select the Publish pane. Click the Prerequisites button to open the Prerequisites dialog box.
You cannot use forms authentication with ClickOnce deployment.
ClickOnce does not support forms-based authentication because it uses persistent cookies; these present a security risk because they reside in the Internet Explorer cache and can be hacked. Therefore, if you are deploying ClickOnce applications, any authentication scenario besides Windows NT authentication is unsupported. MSDN for ClickOnce Deployment and Security
If you want more control over your distribution system you might consider a third party solution. I have used AppLife Update and enjoyed the flexibility it game me. But there are other 3rd party solutions out there.
There is an excellent StackOverflow question about alternatives to ClickOnce over here: Alternatives to ClickOnce
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
