 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Windows Forms / WinForm General / June 2006ClickOnce deployment security on the Internet
We have a TabletPC application used by remote, roaming users who only have Internet access. We would like to place the deployment site on our Internet so they will be able to apply updates, however the issue of security for ClickOnce seems not to have been considered by Microsoft for some odd reason (considering that Microsoft has, in theory, become so security conscience these days). For example, we would like the users to be authenticated prior to applying updates. This can be somewhat dicey because we do not have AD for our internal network users in the DMZ, even if it could be done at all (which appears to not be the case). Has anyone faced this issue and, if so, how did you go about solving it? Nope, we use AD to enforce this stuff. That said, if you open up the default.htm generated by clickonce, you'll see it ain't doing a whole lot. You could easily do away with default.htm and replace it with a .asp or .aspx page that incorporates your own authentication. You'd have to tweak stuff to hide the folders and files. But, it could definitely be done. P.S. I think MS is really heavily on AD if you want something like this locked down. You could also make the site only accessible from inside your network.  SignatureRobbe Morris - 2004-2006 Microsoft MVP C# Earn money answering .NET questions http://www.eggheadcafe.com/forums/merit.asp > We have a TabletPC application used by remote, roaming users who only have > Internet access. We would like to place the deployment site on our [quoted text clipped - 7 lines] > > Has anyone faced this issue and, if so, how did you go about solving it? I would prefer to limit it to the inside network, but unfortunetly our TabletPC's are being used by remote staff throughout the country. For SOX reasons, we are not allowed to give them VPN access to our internal network. > Nope, we use AD to enforce this stuff. That said, > if you open up the default.htm generated by [quoted text clipped - 24 lines] >> >> Has anyone faced this issue and, if so, how did you go about solving it? > I would prefer to limit it to the inside network, but unfortunetly our > TabletPC's are being used by remote staff throughout the country. For SOX > reasons, we are not allowed to give them VPN access to our internal network. I have to ask; what specifically in SOX disallows you from giving VPN access to your internal network? It would seem rather odd that SOX suddenly makes the use of VPN illegal... It is not illegal, but VPN access is tightly controlled and much more difficult to get approval. >> I would prefer to limit it to the inside network, but unfortunetly our >> TabletPC's are being used by remote staff throughout the country. For SOX [quoted text clipped - 4 lines] > access to your internal network? It would seem rather odd that SOX > suddenly makes the use of VPN illegal... Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.