views:

489

answers:

3

I'm having trouble running a full trust WPF 4 XBAP (browser application), created with Visual Studio 2010, from my intranet. I do not get a ClickOnce elevation prompt, as described in ScottGu's post on WPF 4:

Full Trust XBAP Deployment

Starting in WPF 4, the ClickOnce elevation prompt is also enabled for XAML Browser Applications (XBAPs) in Intranet and Trusted Zones, making it easier to deploy full-trust XBAPs. For XBAPs that require security permissions greater than the minimum code access security (CAS) permission grantset of the Intranet and Trusted Zones, the user will be able to click 'Run' on the ClickOnce elevation prompt when they navigate to the XBAP to allow the XBAP to run with the requested permissions.

Instead, I get the "Trust Not Granted" message.

I'm running the application in two ways; in both cases, I get the "Trust Not Granted" message. First, I'm launching the application by double-clicking on the xbap file from my NAS on the local network. Secondly, I'm also trying to launch the application when it is hosted on a website via IIS from the same machine. Are both of these scenarios considered to be run from an "intranet?" Or does "intranet" mean some in particular here? Or am I doing something completely wrong?

Of note, I am able to launch the application without problem when I simply double-click the xbap from my local computer.

The xbap in question was created specifically to test the ClickOnce elevation prompt. It was created with Visual Studio 2010 as a WPF Browser Application. The only change I made was to change this to a full trust application (My Project > Security tab > This is a full trust application).

In the publish wizard, I am choosing the following:

  1. Where do you want to publish the application? - I chose to publish to a local directory
  2. How will user install the application? - I chose "From a CD-ROM or DVD-ROM"
  3. Will the application be available offline - All choices were grayed out
+1  A: 

Are you signing the deployment? Go into the Signing tab and create a test certificate (with a password) and use it to sign the deployment. It won't elevate to full trust unless it's signed because XBAP apps come from the internet zone.

RobinDotNet
+1  A: 

I read in the xbap faq this happens because popups are turned off for the browser.

Tony Lee
+2  A: 

"Intranet" is defined by your security zones settings in the internet options:

Local intranet settings

Yacoder
This is right. Obviously if the machine is not really on your intranet, then you should add it to the trusted sites instead. This new functionality in .NET 4 is great and stopped me from banging my head against the wall!
Dommer