tags:

views:

71

answers:

1
+3  Q: 

Are there any caveats to using ClickOnce in VS 2010 to deploy "real" applications?

It always seemed to me that ClickOnce was a handy way to deploy .NET applications in an intranet environment. I was thinking of using it as the deployment method for a desktop application that's distributed over the internet to general users. (The alternative would be a regular installation package.)

Does anyone have experience with this? Did it work well? Are there problems, either for the developer or end-user, that I should watch out for?

+2  A: 

I have used ClickOnce several times for deployment over the web, with varied experiences. The pointers I would give are:

  • Ensure that the application has one static deliverable
  • Avoid dynamic building of deployment and application manifests server side, especially with regards to a pluggable architecture (i.e. using mage.exe to build manifests based on identity and/or permissions)
  • Control authentication from the application, ClickOnce is incredibly restrictive in terms of facilitating downloads of applications from secure websites. See here for the choices you will face.
  • Avoid delivering prerequisites, or keep it to a minimum. For example, just the .NET framework, SQL express.
  • The application should not require significant privileges client-side (HKLM registry changes, for example). The application will ultimately be run from the logged on user's document's folder and you won't be able to tell whether the user is an administrator or not when they download.
  • Sign the ClickOnce manifests with a verified Authenticode certificate
  • Relating to updating the deliverable, ClickOnce handles this very well if the deliverable is static and updated in place. You have two options for deployment, an "install and run" option and a "run only" option. Both are exactly the same in terms of deployment, they copy the files to the same place, permissions are identical. The only difference is that the install version will create an entry in the start menu and add/remove programs. The update is based on name and version. For the installed version, updates are not mandatory, but the run only option will also get the latest deliverable. If the deliverable hasn't changed and the user has already downloaded the application it will not download again and just launch from the holding directory.

The technology is pretty cool, but there are several caveats that have bit me before.

fletcher  2010-08-15 20:04:38
Valuable information. Thanks! My application will need lots of permissions (have to read and write files locally, and even connect to USB devices, as examples). Is that going to be a big problem for me? I understand it can just ask for elevated permissions when it installs.
Scott Whitlock  2010-08-15 20:20:42
There is no installer per se, that's one of the big problems. You must include all dependent assemblies locally, you can't install assemblies to the GAC, for example. I believe you can include a manifest for requesting elevation that sits along side the executable. If the user was an admin user though, you wouldn't have any problems.
fletcher  2010-08-15 20:50:50
My only prereq is .NET 4, so I should be OK. I'm going to have to assume the users are administrators, as the type of stuff the application does will require it. Thanks!
Scott Whitlock  2010-08-15 21:35:28
Be sure you deploy the application with full trust, and the users can probably do what you need them to, unless it's something like erasing the C drive. Then you'll probably need to elevate privileges and ask them first. ;-)
RobinDotNet  2010-08-18 06:34:18
My company has been using ClickOnce to deploy a desktop application and some VSTO Add-Ins for over 3 years. We have thousands of customers around the world, and have very little trouble with ClickOnce. And just FYI to fletcher, you CAN make updates mandatory.
RobinDotNet  2010-08-19 07:49:32
@RobinDotNet - Interesting, how do you configure the deployment to not prompt for an update?
fletcher  2010-08-19 09:45:26
fletcher -- You set the minimum version in the Updates dialog to the same version you are deploying. When the user runs the application, it automatically installs the update without asking if he wants it. I love that. :-)
RobinDotNet  2010-08-22 18:11:48

related questions

How can I roll-back a ClickOnce application?
ClickOnce Application Not Opening
.net publishing
Password protected .NET ClickOnce deployment?
How to move a ClickOnce deployment package
Find running clickonce deployed single instance app?
Citrix - how to keep smartclient apps from re-downloading every time they are launched
Can I create a desktop icon for a ClickOnce application?
pitfalls/gotchas of click-once/smart-client deployment in .NET
How do I dictate the destination folder of a clickOnce application?
ClickOnce app not working with Office 2007
Specifying a VC++ Redistributable version for ClickOnce prerequisite
Visual Studio ClickOnce deployment - certificate expiration
ClickOnce Online-Only Application as a TS RemoteApp
Can I serve a ClickOnce application with Apache?
How to Modify config file on clickonce deployment?
How do I check ClickOnce prerequisites after first install?
Secure-Wave and click once applications
ClickOnce Deployment, system update required Microsoft.mshtml
Is it possible to deploy a native Delphi application with ClickOnce
ClickOnce disallow publishing of Debug builds
How do I get the Click Once Publish version to match the AssemblyInfo.cs File Version.
What's the best way to create ClickOnce deployments
How can you publish a ClickOnce application through CruiseControl.NET?
What is the best way to deploy a VB.NET application?