Ahmadreza's Notes

On .NET Framework and Software Architecture

Posts Tagged ‘XBAP

How to sign the XBAP with your own certificate

with 5 comments

I am writing a series of posts about WPF Browser Application, XBAP  and configuration tips. I’m going to host this application in IIS 5.1 and I developed them in .Net 3.5. The reason I have chosen IIS5.1 and .Net 3.5 is because of challenges I had in one of my recent projects. Configuring this type of projects is different in other versions of IIS and .Net frameworks and they are not is subject of this post series.

  1. How to create a simple Browser Enables WPF application
  2. How to host a windows form application inside XBAP
  3. How to sign the XBAP with your own certificate
Note: Making a browser enabled application as full trust according to this method is not completely secured. This can be used for testing purposes in testing environments. Please select proper certificates and known trusted root certification authorities.

Before starting I think its better to have same understanding of file extension that we are going to talk about.

.cer file: Apublic key which is given by Certificate Authority

.pvk file: This file is your private key and should keep it confidential

.pfx file: This is a Personal Information Exchange file and again you should keep it confidential because it contains

We have created a simple WPF Browser application and a simple windows application which is hosted inside the XBAP application. When we created WPF application Visual Studio automatically create a .pfx (Which is used for signing ClickOnce manifest).

To create your own certificate you need to follow these steps:

Step 1: Creating your key pairs (Public and Private)

open Visual Studio Command Prompt (2010) and then goto your application path and type following command


makecert -n "CN=Your Company Name" -r -sv Key.pvk Key.cer

A password dialog box will be displayed and you set your own password. This command creates two files one private key and one certificate.

Step2: Then you need to create PFX file which is used for signing ClickOnce manifest and contains both private and public key.


pvk2pfx.exe -pvk Key.pvk -spc Key.cer -pfx KeyPFX.pfx -po [password]

Put your own password as [password] and this command will create a PFX file

Step 3: Back to the solution explorer delete “SimpleBrowserApplication_TemporaryKey.pfx” and goto Application property page and select signing tab. Click on “Select from file” and select the PFX file you have just created.

Step 4: Just like before  publish it to you server.

Step 5: Give certificate to the client and register the certificate on the client machine. To do this double-clicking on .cer file. You will see following window. Click on Install Certificate button.

Follow installation wizard and click Next on the first window.

In this window select “Place all certificates in the following store”  and then select “Browse…” button.

In this window select “Trusted Publishers” and then click Ok. Select “Next” previous windows and then select finish.

Step 6: Redo the step 5 but this time select “Trusted Root Certification Authorities” as the certificate store.

Now you have enabled your client to accept this XBAP application as full-trust application.

Written by Ahmadreza Atighechi

May 20, 2011 at 9:30 am

Posted in Blog

Tagged with

How to host a windows form application inside XBAP

with 2 comments

I am writing a series of posts about WPF Browser Application, XBAP  and configuration tips. I’m going to host this application in IIS 5.1 and I developed them in .Net 3.5. The reason I have chosen IIS5.1 and .Net 3.5 is because of challenges I had in one of my recent projects. Configuring this type of projects is different in other versions of IIS and .Net frameworks and they are not is subject of this post series.

  1. How to create a simple Browser Enables WPF application
  2. How to host a windows form application inside XBAP
  3. How to sign the XBAP with your own certificate
Imagine we have an existing windows form application or you are developing a windows form application. The question is how you can make your windows application browser enabled. The answer is Browser Enabled WPF application. But usually when we create a WPF application we have to use WPF elements inside Xaml. “WindowsFormsIntegration” will help you to host your windows form application inside your WPF.
For rest of this post I consider you already have previous post sample, because I’m going to update the same project. Lets open the SimpleBrowserApplication and add a reference to ”WindowsFormsIntegration”. As the second step I want to add new project to our solution of type “Windows Form Application” and I call it “WinFormSample”.
Note: Make sure when you are creating windows form application you selected .Net 3.5 because we are going to reference this project inside WPF project and they should be compatible.
That is how our solution looks like after adding windows form application and couple of simple controls on it. Next step we have to reference WinFormSample in SimpleBrowser application. Now our WPF application has got two more references which are “WindowsFormsIntegrations” and “WinFormSample”. Now we have to change Page1.xaml and put the following StackPanel instead of previous <Grid>

<StackPanel x:Name="stackPanel">
</StackPanel>

Actually this is a place holder for WindowsFormsHost that we are going to place in main form. For next step we need add System.Windows.Froms reference to WBP project. Then  we have to change page1.xaml code as follow.

public partial class Page1 : Page
{
	private readonly Form1 mainForm = new Form1();
	WindowsFormsHost windowsFormsHost;

	public Page1()
	{
		InitializeComponent();
		AddWindowsForm();
	}
	private void AddWindowsForm()
	{
		windowsFormsHost = new WindowsFormsHost();

		stackPanel.Children.Add(windowsFormsHost);

		// If you don't write this line you'll get "The child control cannot be a top-level form" exception
		mainForm.TopLevel = false;
		windowsFormsHost.Child = mainForm;
	}

}

We created a WindowsFormHost and added this control into stackPanel Child list and set the child property of windowsFormsMost to mainForm which is already instantiated of Form1.

One of important thing is setting mainForm.TopLevel to false. Because if you don’t do that you will get an exception and if you dive into innerexeptions you will find out that main reason is System.ArgumentException: The child control cannot be a top-level form.

If you run this application you’ll see following browser window which hosts Form1.

The point is when you run this application from visual studio it runs in My Computer Zone so there is no problem for security. According Microsoft document “WPF Partial Trust Security” section “Partial Trust Programming” when you run WPF application which requires full trust and current zone is “My Computer” behavior is “Automatic full trust” and for getting full trust no action is required.

But if you publish this project and try to browse this application you will get Trust Not Granted error. Because application will request for full trust and it fails with “Trust Not Granted”. In order to get full trust is signing XBAP with certificate.

In the next post we will see how to sign XBAP with your own certificate and make it work.

The source code of this application is also available you can download it here

Written by Ahmadreza Atighechi

May 17, 2011 at 9:29 am

Posted in Blog

Tagged with

How to create a simple Browser Enabled WPF application

with one comment

I am writing a series of posts about WPF Browser Application, XBAP  and configuration tips. I’m going to host this application in IIS 5.1 and I developed them in .Net 3.5. The reason I have chosen IIS5.1 and .Net 3.5 is because of challenges I had in one of my recent projects. Configuring this type of projects is different in other versions of IIS and .Net frameworks and they are not is subject of this post series.

  1. How to create a simple Browser Enables WPF application
  2. How to host a windows form application inside XBAP
  3. How to sign the XBAP with your own certificate

Firstly run Visual Studio 2010 and select new project from file menu

To create simple WPF browser application you need to select “WPF Browser Application” template from project templates. Once project template is created open Page1.xaml Xaml code and change Grid into following code

    <Grid>
        <Rectangle
            Fill="#33CC66"
            Width="2in"       Height="1in"
            Canvas.Top="25"          Canvas.Left="50"
            StrokeThickness="6px" Stroke="Orange" />
    </Grid>

This Xaml code will create a simple rectangle with border and if you run this application, It will show following shape inside your browser.

Deploying a WPF application

There are multiple ways to do that. Simply you can publish your application using visual studio. Right-click on project and select publish menu. Publish wizard is displayed. Follow the steps until the end of publish steps.

You must follow Microsoft instruction for How to: Configure IIS 5.0 and IIS 6.0 to Deploy WPF Applications to configure your server and client requires Internet Explorer plus .Net Framework to run this application.

Basically internet application which runs inside the browsers should have restricted access to critical resources. It means WPF browser application -By default- should respect to these restrictions so that client can make sure there is no harm to execute this application. Browser Enabled application by default is marked as partially trusted and ClickOnce security setting is set to Internet Zone so that your application will be running on the client browser without any problem.

As you see “Enable ClickOnce security settings” and “This is a partial trust application” are ticked by default and and ClickOnce manifests is signed by a temporary key. Which means on one your application will be restricted to security permission which is fully described in this document. On the other hand your application will be executed on client browser without any other additional configuration.

Above picture shows that you can run This simple WPF Browser Enabled application in “Internet Zone”.

The main reason of writing this post series for me is hosting windows form application inside XBAP application and running inside browser. In next post we will see how to host an existing windows form application within a WPF Browser application.

Sample project is also available you can download it here

Written by Ahmadreza Atighechi

May 12, 2011 at 2:59 pm

Posted in Blog

Tagged with

Follow

Get every new post delivered to your Inbox.