While continuing my research and learning of ClickOnce deployment, I came across a very interesting page that explains Click Once Deployment Architecture. The article describes how a ClickOnce installation is physically installed on a client computer.
Application Publication
Each application publication has:
- A deployment manifest – A deployment manifest is an XML file that describes a ClickOnce deployment, including the identification of the current ClickOnce application version to deploy.
- An application manifest – An application manifest is an XML file that describes an application that is deployed using ClickOnce.
- All of the application files for that version.
The client computer must have the .NET framework 2.0 or later installed in order to do a ClickOnce deployment to that computer. The .NET framework can be deployed in a variety of ways including the ClickOnce Bootstrapper.
Here is the sequence of events that happen during a ClickOnce Application Installation including Deployment:
- The ClickOnce application is published and the files that support the deployment are staged on the Deployment Server, including the deployment manifest, application manifest and all supporting application files.
- If there are Bootstrapper elements that are prerequisites that need to be installed that the application depends on, When a user clicks a link to the deployment manifest, application files are copied to the client computer. These files are copied under the user’s windows profile. A Start menu shortcut is added and an Add or Remove Programs item is also added if the ClickOnce deployment is of Installed type. At this point the application is ready for the user to launch from the Start menu and/or the Desktop shortcut that is created as part of the ClickOnce installation.
- The application launches and the user works with the application because it is now locally installed. The user can continue to launch the application using the Start Menu and shortcuts created.
At some point in the future, a new version of the application is deployed and published to the host server. Here is how the update process works:
- The next time the user launches the application on the client computer, the ClickOnce run time checks the Deployment Server and determines if there is a new version of the application.
- A new version is detected:
- The user is prompted if they would like to download the new version of the application
OR - If a Minimum Required Version is set during the ClickOnce deployment, the ClickOnce run time starts to download any files that have changed from the previous deployment. For files that have not changed, ClickOnce will get the files from the previous installation directory. Updated files and Unchanged files are copied into a new installation directory.
- The user is prompted if they would like to download the new version of the application
- The shortcuts are updated and the new version of the application launches. The user is now free to interact with the new version of the ClickOnce Application.
- The previous version of the application continues to be cached on the user’s computer after the update. This gives the user the ability to roll back and revert to the previous version of the application via the Add or Remove Programs. The roll back feature is only available if the Minimum Required Version is NOT set during publication. Also, ClickOnce only keeps the current version and the previous version of the application.
Regarding application security:
The ClickOnce deployment process utilizes the Manifest Generation and Edition tool behind the scenes (Mage.exe). This tool can also be used via command line. This utility populates the Application Manifest with descriptions of all assembles and files in the application’s compile directory (bin\release, for example). During the publication process, mage.exe adds a tag of .dependency for assembly files or .file for static files in the Publication Server Directory. Also, mage.exe generates a hash for each files based on file size. This hash ensures that no one can modify or tamper with any of the application files since the manifest was created. If a file is manually updated/replaced inside the Publication Server Directory, an error will occur during the installation or upgrade of the publication. There are other functions that Mage.exe provides, but as far as security is concerned, hashing of files based on file size is pretty important.
Summary (from this page)
ClickOnce is a deployment technology that enables you to create self-updating Windows-based applications that can be installed and run with minimal user interaction.
ClickOnce deployment overcomes three major issues in deployment:
- Difficulties in updating applications. With Microsoft Windows Installer deployment, whenever an application is updated, the user can install an update, an msp file, and apply it to the installed product; with ClickOnce deployment, you can provide updates automatically. Only those parts of the application that have changed are downloaded, and then the full, updated application is re-installed from a new side-by-side folder.
- Impact to the user’s computer. With Windows Installer deployment, applications often rely on shared components, with the potential for versioning conflicts; with ClickOnce deployment, each application is self-contained and cannot interfere with other applications.
- Security permissions. Windows Installer deployment requires administrative permissions and allows only limited user installation; ClickOnce deployment enables non-administrative users to install and grants only those Code Access Security permissions necessary for the application.
In the past, these issues sometimes caused developers to decide to create Web applications instead of Windows-based applications, sacrificing a rich user interface for ease of installation. By using applications deployed using ClickOnce, you can have the best of both technologies.
I hope that this post has been helpful to you. Thank you.