So the user installs the Silverlight application to their desktop, could this desktop version be launched based on them visiting a url?
http://somesite.com/url?params
And the silverlight application could inspect the parameters of the url it was launched from?
No, only the user can initiate it becoming an out of browser application.
Not to mention that any application which does this without the user expecting it would probably be classed as a virus or at the very least spamming the machine. Not good for your reputation!
Related
We are adding modern authentication (OAuth/OIDC) to an application that currently uses Windows integrated authentation for single sign on. The user signs into Windows workstation and those credentials can be used by many applications with authentication happening transparently over Kerberos.
Our app is a dot net web services based application and we have a client for users with browsers and a desktop client in WinForms. The browser scenario is no issue as the identity provider stores information in the browser that can be reused across applications in a similar way to WIA (IWA), but we are unsure the best way to handle the WinForms desktop application case. Currently the WinForms application opens a browser window to authenticate using the typical browser based method. The details from the identity provider are passed through the browser back to the WinForms app using a redirect and a custom protocol based URL.
This all works fine, but the user experience is not super tight and, for the case where the user is already logged in, requires them to press a button in the browser window as current Chromium based browsers seem unwilling to do a redirect without a recent user interaction.
Is there a better way?
The standard options according to RFC8252 are as you describe:
Log in via the system browser
Use either a loopback or private scheme based URL
I have a few blog posts about this and it is a tricky flow. The posts link to code examples you can run that explore the UX a little. You may find that a loopback URL avoids the need for a button click, though personally I think private scheme based URLs are cleaner.
There are UX things you can do, such as an interstitial web page to better control what happens in the disconnected browser. I have seen companies redirect to their own website after desktop logins, to make the UX better.
In the longer term I expect this to be replaced with API Driven OAuth Flows so that you never need to leave the app. For now you may have to live with some UX linitations, but it is the right flow from a security viewpoint.
I've made a silverlight application, with 2 projects in it, a projectname and then a projectname.web but which one will run on the IIS while no one is visiting the site?
or will they both?
Your projectname.xap file will be downloaded from the web server's ClientBin directory to the visitor's web browser, and will run on his computer. If your silverlight application makes any web service (WCF, etc.) calls to the projectname.web Web Application, then during the lifetime of these calls the projectname.web will run, but will otherwise sit idle -- unless you have some code in your projectname.web which keeps running in the background regardless of whether requests are made.
We have a SharePoint site that our users have open all the time (type of dashboard for the business). We have a WinForms application that listens on a specific port for when the user clicks a web part on the SharePoint site, we take the JSON in the WinForms, parse the request and launch a feature in the WinForms. Essentially allowing a web site to launch a feature in a running WinForms app on the same client machine.
This worked great when we were running in XP. When we moved to Windows 7 (with elevated UAC), this feature stopped working. Since we launch the WinForms app via ClickOnce, and ClickOnce apps can't be Run As Administrator, our current code won't work.
We can't make the ClickOnce app Run As Administrator for all the reasons you see here on StackOverflow.
So my question is: how can we invoke a feature in a ClickOnce deployed WinForms app when a user clicks on something in SharePoint site? It is super easy to get the WinForms app to call a Sharepoint web service but I need to go the otherway.
You can invoke a ClickOnce application by calling the deployment manifest URL. If you want to be able to call the app and have it do something specific, call the deployment manifest URL and pass query parameters to it, then have the application handle the query parameters.
This article shows you how to handle query parameters with ClickOnce applications.
We have a requirement to start a WPF application with specific parameters from a link in a browser.
We are wondering if this is possible?
As an alternative could we embed the web application in a WPF browser control, and read the values out of the html web page?
Several possibilities :
if you control the browser (i.e. if you are in an intranet scenario, and have the opportunity to deploy applications), you can :
create an activex or plugin that runs the application
register a new uri scheme to interpret the url of kind "yourapplication://yourarguments"
(complex): deploy a listening app ran under the user session, and from the webapplication, ask this listening app to run the target application
reduce the security of the browser (not recommended)
if you don't control the browser:
create a clickonce application... this involves a setup, but which does not require admin privilege
Moving to Silverlight also might be an option, depending on your needs. SilverLigth V5 (still in beta) notably adds the ability for an admin to control the rights of the application via a GPO
Note: My feelings is the later option (Silverlight) is far more preferable because it's a lot more cleaner and less security hole factor. However, it can only be done if your requirements fits into the SL features
It is not possible to call client app from a browser, previously it was possible from activex controls but for that you need to have a signed library, in wpf you can make browser based application but you cant embed your web app in it.
So partially you are correct if you used wpf app you will be able to launch application on client side but with browser it seems difficult until unless you make activex control
but still i am not 100% sure that with activex control you will be able to launch the app or not
I just lost 5 hours looking for a answer which i haven't been able to find :p
First, I'd like to force a trusted application (i need to access the file system) to display into the browser. Based on what i found on google a trusted application must be installed and launched as a desktop application (also called out-of-browser application).
So, i want to have an installed application on the client side but meanwhile, the user must also be able to start this same application into a browser window when he goes on my web site. Is this possible ?
Second, I'd like to give to the user the possibility to start the application from the browser. To be clear, the application is installed on the client computer but i want a button on my web site which starts the desktop application. How can i do that ?
Thanks
The answers are sort of and no.
Yes you can run an application that has been installed on the client also in the browser. However, not all of the installed application features will be available. Anything that requires elevated trust will not work inside the browser.
No you can't launch the installed application programmatically from within code running in the browser. The best you can do is display a polite message to the user to the effect that they have this app already installed and in order to access all of its feature they will need to launch it.
Yes, it is possbile since Silverlight 5, see my answer on silverlight-4-elevated-permission-inside-the-browser