developed a win. form vb.net db app that uses an access.accdb backend. I am struggling to find the best deployment strategy. In the past, I have distributed the .exe and access.accdb from the /bin/debug folder. This works, but Im not sure if it's the best method.
this db app. will be used by 5-10 ppl, non-simultaneous
my current plan is to put the .exe and access.accdb on a network share drive, users will launch from network share
users do not have admin privs, the computers have strict security settings
I have noticed that when launching the .exe from network share, you get the unknown publisher warning; this message does not appear when launching from local drive. Due to users security restrictions, I know that simply hitting 'continue/run' on the publisher warning is NOT an option. There is no 'continue/run' button.
So, I assume I have to buy a code signing cert and strong name sign the assembly?
I also read here http://msdn.microsoft.com/en-us/library/142dbbz4%28v=vs.80%29.aspx that clickonce deployment does not require admin privs, and can be launched from network share and ran from cache.
In this case, I buy Authenticode cert and sign the clickonce manifest?
Any advice?
edit
I left out a key function of the app that will affect deployment.
Users can select files and upload them. The basePath/filename is stored in the db. uploading and retrieving the file via openFileDialog and datagridview.cellContentClick is all relative to where the .exe is launched from (application.startupPath). I didn't want to hard code full paths into the db, because I'm sure it will be moved, (both app and files) over time to a new location.
ClickOnce deployment is the way to go here.
You do not have to buy anything, you can self sign your assembly with a strong name.
This should be fine for an internal application
Related
Currently I am working on the development of CATIA by C++ and Automation Interface. Everything is based on local environment of every client machine. After updating our program, clients have to deploy it manually after receiving the updated one.
We are considering if there is a way we could put our program on the server, and we assign the authorizations to the specific clients to access it. They still need install CATIA in their local machine, but our customization programs are on the website.
Our program is based on COM component, so this is a priority.
Any feasible idea?
Thanks in advance.
I'm developing programs for Catia too (VB .NET) and there might be a solution to use webbrowser to manage the programs but I'm unable to help with that :)
Instead what I use is selfdeveloped feature which updates the tools exe files on client from network storage or FTP.
Think of it as algorithm which searches certain folders or storage and decides if the program should update itself and lets the user know. Then you run the updater which is not part of the tool (separate program) and he make the changes on the main exe (copy files, config, remove add etc.)
This way you don't have to take care of the deployment and the user only clicks the update. That's it :)
I want to read the content of a text file (serves as a key) stored inside a USB mass storage automatically when the user is authenticated by his matching username and password for that website. It's like the textfile(key) is the extended authentication.
I think this needs to can be done by a (1) native program? or an (2) applet? What do i need to study? Can someone give me an overview for the process to make this possible?
Quite good in web tech but not with native app.
You cannot access USB mass storage devices through chrome.usb as they are claimed and handled by the host operating system.
Instead you could use the chrome.fileSystem API, but the user will need to select the file. Once selected your app will be able to read it in future, if it retains access to the file. See the API documentation for more details.
If you want this only for Internet Explorer, You can create an Active X. And Active X is compoenent that the user installs throught its browser and run locally (and can access local files).
Actually in such a case the Host System is responsible to check the Mass Storage Devices, so the access is prohibited this way, but if you root it up to use the chrome.fileSystem.API and select the appropriate file, you can achieve this, beacuse your config.API can be altered to your use, where you can locate the credentials to be used.(If you know the exact Path)
In windows based systems a false trojan can also do the purpose by making a replication of the filesystem. Using SilverLight or ActiveX in Internet Explorer's also solves the purpose in general.
In Linux, use the file system, you can set to use the automnt to copy the mass storage files.
Why not try building a .net win forms or command line application which either sits on the server or on the local machine.
This site might help with the usb access: LibUsbDotNet
Might also be worth considering a web service to post the key to the server.
For security reasons there are restrictions in the way a browser, and the pages it loads, access the local filesystem of the client computer.
Is it safe to assume you only require this to work on a specific browser? As Ben said, please share more details about your requirement for a more comprehensive solution
I am attempting to write a small, lightweight client, using vb.net winforms, that can install without needing elevated privileges. Before I ask my questions, let me give you a bit of an idea of what it is supposed to do.
The app will start when Windows loads, set like this from the install, with a system/notification tray icon that can be clicked on to load up specific functionality. The application install from a website, or possibly a file share, haven't quite decided yet. This client will initially request user credentials for one of our web programs, and it will talk to an already built web service to determine what functionalities of our services they have licensed access to. After this, credentials will be encrypted and saved to the users pc locally. Every five minutes, the client will pass the credentials to the websites they have access to and check to see the status of jobs that are being processed, and download available reports if needed.
So, here is what I am trying to understand. If I configure this app as a ClickOnce application, once it installs from the url or shared drive, the user will not need to do anything else, correct? Or do they have to visit that url every time they boot up to reinstall/run the client?
Another thing, I wanted to get some opinions on the best ways to do some of the things this app will be doing. I have a good idea of where I am going with it, but I have no idea of which solution to go with yet.
For instance, what is the best way to store user passed credentials on their system for a "remember me"?
Also, is the best way to have the client install with automatically starting on windows startup to configure it to create a shortcut of itself in the windows startup folder?
I am trying to keep this as lightweight as possible, and using a very small GUI, so it shouldn't be too intrusive, so any ideas on how to ensure that, while keeping it from needing admin privs to install, will also help.
If I configure this app as a ClickOnce application, once it installs
from the url or shared drive, the user will not need to do anything
else, correct? Or do they have to visit that url every time they boot
up to reinstall/run the client?
Well if they need to reinstall it, they would have to download the setup.exe file again, but why would users need to do that? CilckOnce supports automatic updates. Visiting url is certainly not needed for running the program.
what is the best way to store user passed credentials on their system
for a "remember me"?
Probably storing them as application settings. Haven't used visual studio 2012, but in visual studio 2010 you have to right-click on project in solutions explorer, go to project propeties and then create variables in Settings tab. Then you can access those variables in code using My.Settings.variableName. Not sure about security though, if you need any.
As for privileges, I think you just need a privilege to install a program. Maybe you should publish a primitive clickOnce application and experiment with it and that will answer all your other questions about clickOnce.
Is it possible for a website to automatically find a folder on usb stick and upload all the files in it to the web server by clicking only one button?
The problem is that I don't know how to make upload form automatically detect usb stick as the drive name(ie. G:, F:, etc) may vary from computer to computer, so hard coding path is not possible.
Ps. I'm using yii framework for site development, but can add a new page that will handle this in any other language as the client really wants this feature.
Web sites are not allowed to set default files to upload (it's a major security risk!). Also, web sites cannot scan the hard drive/enumerate what file systems exist on a system, again, for security purposes.
It might be possibly to do this with Flash/Silverlight/Java. Java seems the most likely to allow a web developer to do this (Java plugin seems to be quite willing to give out every permission under the Sun).
Short answer: No.
Long answer: Allowing automatic uploads in web browsers would be a huge security hole so the browsers intentionally prevent it. Even if you manage to find a hole that permits it, the browser makers will break it as soon as they find out.
However, if you have an environment where an actual separate program can be installed on the end user's computer you could easily write a program to do automated uploads of specified directories when launched.
I have developed one OOB SL4 applicaton for a food chain, and it stores outlet bills locally in isolated storage, and these bills gets uploaded when Internet connection would be available. All is working fine.
But I have seen that if I open silverlight configuration dialogue->isolated storage, can delete the isolated storage of the application. So If there are 1000 bills are pending to upload gets deleted.
Is there any way to prevent the same?, I don;t think so , I know My documents is one more place, but I am looking for alternate way to store data safely?
I tried the Comtoolkit but seems that behaviour is not consistent and not production quality code
As #NestorArturo states it seems there is no configuration to prevent this.
However, an alternative, for an out of browser application is to use the file system.
File system access. Trusted applications can access System.IO types
and related types that are otherwise unavailable to Silverlight. These
APIs provide direct read and write access to files in user folders on
the local computer. For more information, see How to: Access the Local
File System in Trusted Applications.
A third alternative is to write your own COM component; via this technique, you can gain full access to the system.