Securing and Deploying Add-Ins

Some add-in developers will want to share their add-ins with other people. Visual Studio Tools for Applications provides two options that help add-in developers secure and deploy their add-ins:

  • Specifying one or more directories that the host application will search to discover add-ins.

    This option is relatively easy to implement. However, it does not include any help for add-in developers who want to update deployed solutions.

  • Implementing ClickOnce for securing and deploying add-ins and prerequisites.

    ClickOnce requires more infrastructure work to implement, but it includes security and maintenance features.

Both of these options require implementation in the host application. Depending on the scale of the ClickOnce implementation, the add-in developer may also have some implementation steps.

Directory-Based Deployment

The host application can discover and load add-ins by searching directories that you specify. Add-in developers then deploy their add-ins to those directories on the target computers.

Searching for Add-ins and Loading Them

Use the FindAddIn or FindAddIns methods of the AddInStore class to search the specified directories.

Use one of the Activate methods of the AddInToken class to load the discovered add-ins.

For more information, see Discovering and Loading Add-Ins.

Considerations for Making Add-ins More Robust

Add-ins are less likely to cause other add-ins to fail or the host application to close unexpectedly when they are isolated. To isolate add-ins, make the base directory of the application domain into which an add-in loads separate from the base directory of the application domain of the application. The base directory of an application domain is the path in which the common language runtime searches for assemblies to load into the application domain. The base directory is specified by the BaseDirectory property.

Load add-ins from the following recommended locations, which are listed in order from most isolated to least isolated:

  1. The host application loads each add-in from a different folder. The base directory of the application domain into which each add-in is loaded is unique to each add-in.

  2. The host application loads all add-ins from a set of folders, where each folder contains all of the add-ins that are loaded into a single application domain.

  3. The host application loads all add-ins from a set of folders, where each folder contains all of the add-ins that share the same System.IServiceProvider object.

  4. The host application loads all add-ins from a single folder.
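
The most isolated layout in the list (option 1), sketched as an added example that is not part of the original documentation. `HostAddInView`, `IsolatedAddInLoader`, and the layout of one add-in per subfolder of `addInsRoot` are assumptions; the discovery and activation calls are the `AddInStore` and `AddInToken` members named on this page.

```csharp
using System;
using System.AddIn.Hosting;
using System.Collections.Generic;
using System.IO;

// Hypothetical host view of the add-in; a real host supplies its own type.
public abstract class HostAddInView { }

public static class IsolatedAddInLoader
{
    // Activates each add-in in its own application domain whose base
    // directory is the add-in's folder, never the host's base directory.
    public static IList<HostAddInView> LoadAll(string pipelineRoot, string addInsRoot)
    {
        string hostBase = Normalize(AppDomain.CurrentDomain.BaseDirectory);
        var loaded = new List<HostAddInView>();

        // Refresh the pipeline cache; warnings name segments that failed to load.
        foreach (string warning in AddInStore.Update(pipelineRoot))
            Console.Error.WriteLine("pipeline: " + warning);

        foreach (string folder in Directory.GetDirectories(addInsRoot))
        {
            // Refuse a layout where an add-in would share the host's base directory.
            if (string.Equals(Normalize(folder), hostBase, StringComparison.OrdinalIgnoreCase))
                throw new InvalidOperationException("Add-in folder is the host base directory: " + folder);

            foreach (string warning in AddInStore.UpdateAddIns(folder))
                Console.Error.WriteLine(folder + ": " + warning);

            // Search only this folder so every token maps to a known location.
            foreach (AddInToken token in
                     AddInStore.FindAddIns(typeof(HostAddInView), pipelineRoot, folder))
            {
                var setup = new AppDomainSetup { ApplicationBase = folder };
                AppDomain domain = AppDomain.CreateDomain(
                    "AddIn:" + token.AddInFullName, null, setup);
                loaded.Add(token.Activate<HostAddInView>(domain));
            }
        }
        return loaded;
    }

    static string Normalize(string path)
    {
        return Path.GetFullPath(path).TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar);
    }
}
```

`UpdateAddIns` writes its cache file into each add-in folder, so the account that runs this step needs write access there.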

ClickOnce Deployment

ClickOnce is an optional feature in Visual Studio Tools for Applications that helps add-in developers secure and maintain their add-ins. For security, ClickOnce can use certificates and the ClickOnce trust prompt to help administrators and users make trust decisions. You can implement ClickOnce infrastructure to help simplify publishing, installing, discovering, and loading add-ins. For general information about ClickOnce, see ClickOnce Deployment and Authenticode.

To use Visual Studio Tools for Applications and ClickOnce, you must implement certain interfaces in the host application. These interfaces are part of the ClickOnce infrastructure that you build in your host application to perform the following steps:

  • Securing add-ins.

  • Publishing add-ins.

  • Installing add-ins and prerequisites.

  • Discovering and loading add-ins.

Securing Add-Ins

ClickOnce uses certificates as evidence for trust decisions. Add-in developers must sign their application and deployment manifests with a certificate, and administrators can grant trust to specified certificates in the company security policy. Alternatively, ClickOnce can display the certificate publisher in a trust prompt so add-in users can decide whether to install an add-in.

To use ClickOnce, you must implement IClickOnceAddInTrustManager. For more information, see Securing Add-ins by Using ClickOnce.

Publishing Add-Ins

Add-in developers must publish their add-ins, assemblies, and manifests to an installation location on a network file share, Web site, SharePoint portal, or CD. To take advantage of ClickOnce maintenance, add-in developers cannot simply copy their add-ins to another computer, because in that case ClickOnce will have nowhere to check for updates.

For more information, see Deploying Add-ins by Using ClickOnce.

Installing Add-ins and Prerequisites

To install add-ins, call the InstallAddIn method. You can implement an optional IClickOnceAddInInstaller interface to track add-in installation progress and create a graphical user interface (GUI) that displays the installation updates.

ClickOnce installers have some specific requirements and recommendations that differ from other installers. For example, the deployment manifest that is used to install the add-in should have a unique file name extension that is specific to the host application and its add-ins. Also, you must write some shell and MIME handlers that take appropriate action to complete the installation steps. For more information, see Deploying Add-ins by Using ClickOnce.

Discovering and Loading Add-Ins

You must implement a host deployment manager that interacts with the ClickOnce deployment manager to discover and load Visual Studio Tools for Applications add-ins on the end user's computer. For more information, see Deploying Add-ins by Using ClickOnce.

See Also

Tasks

How to: Configure the ClickOnce Trust Prompt

Concepts

Securing Add-ins by Using ClickOnce

How to: Sign Application and Deployment Manifests with Mage.exe

Deploying Add-ins by Using ClickOnce

Walkthrough: Integrating ClickOnce for a Managed Object Model

Other Resources

Visual Studio Tools for Applications 2.0