Nov 26

Understanding Xbap: Full Trust, Partial Trust, Certificates and more…

By Jim Yekrang Software Development, Solutions No Comments »

Xaml Browser Application(Xbap) is a part of Wpf that runs inside the browser. Xbap applications combine features of both web and rich window based applications. Generally xbap runs in Sandbox (Partial trust) environment where application has access to limited system resources. In this article, I will discuss various issues I have worked on while developing Xbap application like

  • “Trust Not Granted” error.
  • Installing certificates for full trust Xbap application on client machines.
  • How to use 3rd party dll in your Xbap application etc.

If you are new to xbap, you must know that for using xbap application user must have either Windows vista or .net 3.0 framework on their System.  .net 3.5 also has support for mozilla firefox and WCF service. You can deploy xbap application either in partial trust or in full trust and application will not be installed but cached into client machine. In partial trust you cannot use features like accessing client file system,common dialogs, working with registry etc , so if you publish application with above features in partial trust, you will get “Trust Not granted” error. To resolve this:-

  • Add Unrestricted=”true” into permission set of app.manifest file of your project.
  • Sign the clickonce manifest with certificate and install certificate in client machine. Installation of certificate can also automated, see this link for more info
CertificateJPG
Add Certificate in Trusted Publishers and Trusted Root Store of browser.

When you are using 3rd party dll in your xbap application like OpenNETCF.Desktop.Communication.dll then it will give error “Assembly generation failed — Referenced assembly ‘OpenNETCF.Desktop.Communication’ does not have a strong name”,this is because it is not signed using Certificate which you are using to sign your app.manifest. You can resolve this in 2 ways:-

  • Sign your assembly:-  sn -R “YourAssemblyName.dll” “yourpublickey.snk”
  • Or you can download the source code for that dll , add it in your project and then compile your project.

One more thing you can also add support url in Publish>Options>Support Url where user can navigate in case if there is some error in application which can have information regarding how to manually install certificate among other support information .Hope this post will help developers trying their hand at Xbap applications.

Tagged with:
Nov 26

WPF Applications and XBAP Applications- What’s the difference

By Jim Yekrang Software Development No Comments »

WPF (Windows Presentation Foundation) is a new API for creating graphical user interfaces for the Windows platform. It provides a consistent programming model for building applications and provides a clear separation between the user interface and the business logic. WPF employs the use of 2D and 3D drawing, fixed and adaptive documents, advanced typography, vector graphics, raster graphics, animation, data binding, audio and video A standalone WPF application is one that is compiled into an EXE and placed on the users computer via any of the standard installation techniques. If installed to the local hard drive it has the default security settings of Full Trust.
XBAP (XAML Browser Application) is a new windows technology used for creating rich internet applications. While windows applications are normally compiled to an .exe file, browser applications are compiled to an extension .xbap and can be run inside the browser. XBAP applications are run within a security sandbox to prevent untrusted applications from controlling local system resources. (E.g. deleting local files)

XBAP’s application are full-blown WPF applications, however there are some key differences listed below

img4

 Standalone WPF application is installed on user’s computer while XBAP applications are not installed on the client’s computer.
 Standalone WPF applications appears in start menu and in add/remove programs but XBAP application doesn’t appears in start menu and in add/remove programs since these are not installed on the user’s computer.
 Standalone WPF application can be installed using standard installation techniques but XBAP applications are called Click-Zero deployment because the user is not prompted to ‘install’ the application, user runs the application by going to a specific URL on the Web.
 Standalone WPF application has the default security settings of full trust but there is a huge security risk involved with allowing applications to install and run from the Web. Therefore all XBAPs are run in a restrictive security sandbox under partial trust.
 There is offline access for standalone WPF application but we cannot run XBAP application unless user has the access to the XBAP URL.

References: WPF in C# 2008  by Matthew MacDonald

Tagged with:
preload preload preload