Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

Make ClickOnce Work With ASP.NET Forms Authentication

, , 20 Mar 2008
A solution for securing access to a ClickOnce application using ASP.NET Forms authentication.
clickoncesite_1.0.zip
ClickOnceSite
ClickOnceHandler
bin
My Project
Application.myapp
Settings.settings
obj
Debug
ClickOnceHandler.dll
TempPE
ClickOnceSite
App_Data
bin
ClickOnceApp
Application Files
XBAPFormsAuth_1_0_0_0
XBAPFormsAuth.exe.deploy
XBAPFormsAuth.exe.manifest
XBAPFormsAuth.xbap
XBAPRef.dll.deploy
XBAPFormsAuth.xbap
My Project
Application.myapp
Settings.settings
obj
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <configSections>
    <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
      <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
        <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
        <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
          <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" />
          <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
          <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
          <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
        </sectionGroup>
      </sectionGroup>
    </sectionGroup>
  </configSections>
  <appSettings>
    <add key="XbapFileName" value="XBAPFormsAuth.xbap"/>
    <add key="AppManifestName" value="XBAPFormsAuth.exe.manifest"/>
    <add key="PathToManifest" value="/Application Files/XBAPFormsAuth_1_0_0_0/"/>
    <add key="SiteRoot" value="/ClickOnceSite/ClickOnceApp/"/>
    <add key="CertFilePath" value="C:\output\TempKey.pfx"/>
  </appSettings>

  <system.web>
    <compilation debug="true" strict="false" explicit="true">
      <assemblies>
        <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
      </assemblies>
    </compilation>
    <pages>
      <namespaces>
        <clear />
        <add namespace="System" />
        <add namespace="System.Collections" />
        <add namespace="System.Collections.Generic" />
        <add namespace="System.Collections.Specialized" />
        <add namespace="System.Configuration" />
        <add namespace="System.Text" />
        <add namespace="System.Text.RegularExpressions" />
        <add namespace="System.Linq" />
        <add namespace="System.Xml.Linq" />
        <add namespace="System.Web" />
        <add namespace="System.Web.Caching" />
        <add namespace="System.Web.SessionState" />
        <add namespace="System.Web.Security" />
        <add namespace="System.Web.Profile" />
        <add namespace="System.Web.UI" />
        <add namespace="System.Web.UI.WebControls" />
        <add namespace="System.Web.UI.WebControls.WebParts" />
        <add namespace="System.Web.UI.HtmlControls" />
      </namespaces>
      <controls>
        <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </controls>
    </pages>
   
    <authentication mode="Forms">
      <forms loginUrl="login.aspx" name=".ADAuthCookie" timeout="20" cookieless="AutoDetect" enableCrossAppRedirects="true"/>
    </authentication>

    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>

    <membership defaultProvider="AspNetSqlMembershipProvider">
      <providers>
      </providers>
    </membership>
  
    <httpHandlers>
     <add verb="*" path="*.deploy" validate="false" type="System.Web.StaticFileHandler" />
      <add verb="*" path="*.manifest" validate="false" type="System.Web.StaticFileHandler" />
      <add verb="*" path="*.xbap" validate="false" type="ClickOnceHandler.ClickOnceApplicationHandler,ClickOnceHandler" />
     </httpHandlers>
    <httpModules>
    </httpModules>
  </system.web>
  <system.codedom>
    <compilers>
      <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
        <providerOption name="CompilerVersion" value="v3.5" />
        <providerOption name="OptionInfer" value="true" />
        <providerOption name="WarnAsError" value="false" />
      </compiler>
    </compilers>
  </system.codedom>
  
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules>
      <remove name="FormsAuthentication" />
      <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="" />
    </modules>
    <handlers>
      <remove name="WebServiceHandlerFactory-Integrated" />
      <remove name="ScriptHandlerFactory" />
      <remove name="ScriptHandlerFactoryAppServices" />
      <remove name="ScriptResource" />
       
      <add name="Clickonce manifest file" path="*.xbap" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
      <add name="Clickonce deployment files" path="*.deploy" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
      <add name="Clickonce manifest files" path="*.manifest" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv2.0,bitness32" />
    </handlers>
        <defaultDocument>
            <files>
                <clear />
                <add value="Default.aspx" />
            </files>
        </defaultDocument>
  </system.webServer>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
    <connectionStrings>
        <remove name="LocalSqlServer" />
        <add connectionString="Server=DatabaseServer;Database=ASPNET;Integrated Security=true" name="LocalSqlServer" providerName="System.Data.SqlClient" />
    </connectionStrings>
</configuration>

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Authors

David P Henry

United States United States
No Biography provided

Graham Murray

United States United States
No Biography provided

| Advertise | Privacy | Mobile
Web01 | 2.8.140718.1 | Last Updated 20 Mar 2008
Article Copyright 2008 by David P Henry, Graham Murray
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid