.NET Smart Client .NET Smart Client DevelopmentDevelopment

Stephen TurnerStephen TurnerSoftware Design Software Design

EngineerEngineersturner@microsoft.costurner@microsoft.co

mmMicrosoft UKMicrosoft UK

Stuff we’ll talk about…Stuff we’ll talk about…

Evolution of the client modelEvolution of the client modelWindows FormsWindows Forms The .NET Framework smart clientThe .NET Framework smart client

Code Access SecurityCode Access Security Run applications safely from the InternetRun applications safely from the Internet

Smart Device ProgrammabilitySmart Device Programmability Pocket PC and SmartphonePocket PC and Smartphone

Office System 2003Office System 2003 The document-centric smart clientThe document-centric smart client

Visual Studio Tools for OfficeVisual Studio Tools for Office

Evolution of the Client Evolution of the Client ModelModelTraditional Rich ClientTraditional Rich Client

ProsPros UncompromisedUncompromised

user experienceuser experience Great interactivityGreat interactivity Flexible offline operation & storageFlexible offline operation & storage Strong integration with client-side Strong integration with client-side

APIsAPIs Great developer tools supportGreat developer tools support

ConsCons Difficult to deploy & administer appsDifficult to deploy & administer apps Global machine impact or “DLL hell”Global machine impact or “DLL hell” Serious security issues, viruses, etc.Serious security issues, viruses, etc.

Traditional Web ClientTraditional Web ClientProsPros

Broad desktop reachBroad desktop reach Easy administrationEasy administration

ConsCons Impaired or frustrating user Impaired or frustrating user

experienceexperience No offline operation or storageNo offline operation or storage Poor integration with client-side APIsPoor integration with client-side APIs DHTML / scripting tools non-existentDHTML / scripting tools non-existent

.NET Framework Smart Client.NET Framework Smart ClientTo the metal performanceTo the metal performance

GDI+ & DirectX graphicsGDI+ & DirectX graphics Direct Win32 & COM as neededDirect Win32 & COM as needed

““Real time” interactivityReal time” interactivityNo mind-numbing “round trip” waitNo mind-numbing “round trip” wait

Asynchronously web servicesAsynchronously web servicesFriction free deployment & Friction free deployment & versioningversioning

Launch app from a URLLaunch app from a URL Embed control in a web pageEmbed control in a web page

Safe and secure app executionSafe and secure app execution Code access securityCode access security

Automatic online / offline supportAutomatic online / offline support Application updater componentApplication updater component

Gartner on .NETGartner on .NETThe “High Fidelity” (or Smart) ClientThe “High Fidelity” (or Smart) Client

Microsoft’s much-misunderstood .NET … Microsoft’s much-misunderstood .NET … strategy will lead astrategy will lead a resurgence in rich-client … resurgence in rich-client … deploymentdeployment..Despite the focus during the past five years on Despite the focus during the past five years on browser-enabled applications, the browser-enabled applications, the problems … problems … (such as lack of richness and … server round-trip (such as lack of richness and … server round-trip processing)processing) have become all too well-known. have become all too well-known.… … Microsoft’s Microsoft’s .NET message has always been .NET message has always been aboutabout so-called so-called “smart” clients“smart” clients (synonymous (synonymous with Gartner’s term “high-fidelity client”) with Gartner’s term “high-fidelity client”) and on and on experiencesexperiences..By 2005, as much as By 2005, as much as 60 percent of new .NET 60 percent of new .NET applications will beapplications will be designed with designed with high-fidelity high-fidelity clientclient deployment in mind. deployment in mind.

Windows FormsWindows FormsThe .NET Framework Smart ClientThe .NET Framework Smart Client

Operating SystemOperating SystemOperating SystemOperating System

Common Language Runtime (CLR)Common Language Runtime (CLR)Common Language Runtime (CLR)Common Language Runtime (CLR)

Base Class Libraries (BCL)Base Class Libraries (BCL)Base Class Libraries (BCL)Base Class Libraries (BCL)

ADO.NET and XMLADO.NET and XMLADO.NET and XMLADO.NET and XML

ASP.NETASP.NETWeb Forms Web ServicesWeb Forms Web Services

ASP.NETASP.NETWeb Forms Web ServicesWeb Forms Web Services

WindowsWindowsFormsForms

WindowsWindowsFormsForms

Common Language SpecificationCommon Language SpecificationCommon Language SpecificationCommon Language Specification

VisualVisual BasicBasicVisualVisual BasicBasic C#C#C#C# J#J#J#J# …………

Visu

al S

tud

io .N

ET

Visu

al S

tud

io .N

ET

Visu

al S

tud

io .N

ET

Visu

al S

tud

io .N

ET

C++C++C++C++

Windows FormsWindows FormsA Powerful Framework for Windows A Powerful Framework for Windows AppsApps

Visual form and control inheritanceVisual form and control inheritance Runtime & design-time architectureRuntime & design-time architecture

Advanced support for layout and printingAdvanced support for layout and printing Control anchoring & docking, auto-scroll, etc.Control anchoring & docking, auto-scroll, etc.

Powerful data binding semanticsPowerful data binding semantics Bind any control property to any data sourceBind any control property to any data source

Easy internationalization & accessibilityEasy internationalization & accessibility Just set properties on forms & controlsJust set properties on forms & controls

Extensive third-party control marketExtensive third-party control market http://www.componentsource.comhttp://www.componentsource.com

““Friction Free” DeploymentFriction Free” DeploymentNo-Touch Maintenance of the ClientNo-Touch Maintenance of the Client

No “installation” necessary – just run itNo “installation” necessary – just run it Code downloads on-demand Code downloads on-demand from afrom anyny web web

serverserver Saved in cache and dynamically updatedSaved in cache and dynamically updated

CCopy opy to a folderto a folder and delete when done and delete when done No No registry entries or registry entries or other other dependenciesdependencies

Side-by-side Side-by-side “isolation by default”“isolation by default” DDifferent app versions in different foldersifferent app versions in different folders Share “strong namShare “strong named”ed” assemblies assemblies in GAC in GAC

Windows Installer technologyWindows Installer technology Self repairing installations, rollback, signingSelf repairing installations, rollback, signing

Building & Running a .NET Building & Running a .NET ClientClient

DataSets & data DataSets & data bindingbindingVisual InheritanceVisual InheritanceInternationalizationInternationalization

Issues of Code SecurityIssues of Code Security

The enemy is among us – no The enemy is among us – no perimetersperimetersInnocent but trusted code often plays Innocent but trusted code often plays host to malicious mobile codehost to malicious mobile codeMalicious code can do anything that Malicious code can do anything that the user has permissions to dothe user has permissions to doThe user will always make the wrong The user will always make the wrong security decisionsecurity decision

LIBRARYOnly people

with a membership card can use

books.

LIBRARYOnly people

with a membership card can use

books.

Code Security in PicturesCode Security in PicturesSecurity Policy

BobAliceEve

Alice, would you get a book for

me?

Bob, would you get a book for

Eve?

I would like to check out a book

Are you and all who will handle this book members?

Shared Library

Luring attack

Untrusted code

Stack Walk

Security Demand

Call Chain

MEMBERcard

Evidence

MEMBERcard

MEMBERcard

LIBRARYOnly those who have a member card can check out a book.

LIBRARYOnly those who have a member card can check out a book.

BobAliceEve

Alice, would you get a book for

me?

Bob, would you get a book for

Eve?

I would like to check out a book

Are you and all who will handle this book members?

Eve is not a member, but I vouch

for her.

Stack Modifier:Assert() I don’t

want to be responsible – won’t

pass books

promoting violence!

Stack Modifier:Deny()

I will only pass

books printed

after 1980

Stack Modifier:

PermitOnly()

Code Security in PicturesCode Security in Pictures

Code Access SecurityCode Access SecurityClient Apps Client Apps Run Run Safely from the Safely from the InternetInternet

Evidence of Evidence of code code origin and credentialsorigin and credentials Origin: Origin: IE zone, web site & IE zone, web site & URLURL Credentials: Credentials: strong name signature, strong name signature,

AuthenticodeAuthenticode

Security PermissionsSecurity Permissions AAuthorization to execute a protected operationuthorization to execute a protected operation Restricted access to Restricted access to a a machine resourcemachine resource

Security PolicySecurity Policy Determines permissions based on evidenceDetermines permissions based on evidence Easily Easily maintainedmaintained by administrator by administrator & policy & policy

No security decision is ever made by the No security decision is ever made by the user!user!

Code Access SecurityCode Access SecurityGranular Permissions Protect Granular Permissions Protect ResourcesResources

FileIOFileIOFileDialogFileDialogIsolatedStorage IsolatedStorage EnvironmentEnvironmentRegistryRegistryUI UI PrintingPrintingReflection Reflection SecuritySecurity

SocketSocketWebWebOleDbOleDbSQLClientSQLClientMessageQueueMessageQueueEventLogEventLogDirectoryServicesDirectoryServices… … extensible extensible

Execution, Assertion, Skip verification, Execution, Assertion, Skip verification, Unmanaged code, Control evidence, Control Unmanaged code, Control evidence, Control policy, Control principal, Control threadspolicy, Control principal, Control threads

Code Access SecurityCode Access SecurityAll Code in Call Chain is EvaluatedAll Code in Call Chain is Evaluated

MYAPP (INTRANET)MYAPP (INTRANET). . . .. . . .myComponent.ReadSetting(key);myComponent.ReadSetting(key);. . . .. . . .

MYCOMPONENT (LOCALMACHINE)MYCOMPONENT (LOCALMACHINE). . . .. . . .Stream fileStream = FileStream.Open(“settings.xml”);Stream fileStream = FileStream.Open(“settings.xml”);. . . .. . . .

CallsCalls

Got Permission?Got Permission?

Got Permission?Got Permission?

ExceptionException

CallsCalls

FRAMEWORKFRAMEWORKpublic FileStream (string name) {public FileStream (string name) {

FileIOPermission fp = new FileIOPermission(name)FileIOPermission fp = new FileIOPermission(name)fp.Demand()fp.Demand(). . . .. . . .

}}

Code Access SecurityCode Access SecurityStack Walk Stopped by AssertStack Walk Stopped by Assert

MYAPP (INTRANET)MYAPP (INTRANET). . . .. . . .myComponent.ReadSetting(key);myComponent.ReadSetting(key);. . . .. . . .

MYCOMPONENT (LOCALMACHINE)MYCOMPONENT (LOCALMACHINE). . . .. . . .FileIOPermission fp = new FileIOPermissionFileIOPermission fp = new FileIOPermission

(FileIOPermissionAccess.Read, “settings.xml”);(FileIOPermissionAccess.Read, “settings.xml”);fp.Assert();fp.Assert();Stream fileStream = FileStream.Open(“settings.xml”);Stream fileStream = FileStream.Open(“settings.xml”);

CallsCalls

Got Permission?Got Permission?CallsCalls

FRAMEWORKFRAMEWORKpublic FileStream (string name) {public FileStream (string name) {

FileIOPermission fp = new FileIOPermission fp = new FileIOPermission(name)FileIOPermission(name)

fp.Demand()fp.Demand(). . . .. . . .

}}

ReturnsReturns

ReturnsReturns

Code Access SecurityCode Access Security

Internet, Local Internet, Local Intranet & My Intranet & My Computer zonesComputer zonesWindows Forms Windows Forms control within a control within a browser pagebrowser page

Device ProgrammabilityDevice ProgrammabilityBroad Reach vs. Smart DeviceBroad Reach vs. Smart Device

ASP.NET Mobile ASP.NET Mobile ControlsControls

ASP.NET Mobile ASP.NET Mobile ControlsControls

Mobile Web Mobile Web BrowserBrowser

Mobile Web Mobile Web BrowserBrowser

Remote Web PagesRemote Web Pages

Device Operating SystemDevice Operating SystemDevice Operating SystemDevice Operating System

Smart Device Smart Device ProgrammabilitProgrammabilit

yy

Smart Device Smart Device ProgrammabilitProgrammabilit

yy

.NET Compact .NET Compact FrameworkFramework

.NET Compact .NET Compact FrameworkFramework

Local CodeLocal Code

Smart clientSmart client

Smart Device Smart Device ProgrammabilityProgrammabilityVS .NET and .NET Compact VS .NET and .NET Compact FrameworkFramework

Common Language RuntimeCommon Language Runtime

Base Class LibrariesBase Class Libraries

ADO.NET and XMLADO.NET and XML

ASP.NETASP.NETWeb FormsWeb Forms

Web Web ServicesServices

WindowsWindowsFormsForms

VisualVisualBasicBasic C++C++ C#C# J#J# …… V

isu

al S

tud

io .N

ET

Vis

ual S

tud

io .N

ET

Smart Device Smart Device ProgrammabilitProgrammabilityy• Targets .NET Targets .NET Compact Compact FrameworkFramework• Integrated IDEIntegrated IDE• EmulatorsEmulators• Remote Remote debuggingdebugging

.NET Compact .NET Compact FrameworkFramework• Managed codeManaged code• Web servicesWeb services• Rich subset Rich subset of .NET of .NET Framework Class Framework Class LibrariesLibraries

Smart Device Smart Device Programmability Programmability Remote DebuggingRemote Debugging

Same user experience as desktopSame user experience as desktop Compile application for deviceCompile application for device Automatically deploys to selected device Automatically deploys to selected device Output Window used for deployment Output Window used for deployment

messagesmessages

Supported features includeSupported features include On-device debuggingOn-device debugging BreakpointsBreakpoints Multi-language debuggingMulti-language debugging Call Stack, Watch windowsCall Stack, Watch windows Command window – ImmediateCommand window – Immediate

Smart Device Smart Device Programmability Programmability SQL Server™ Windows® CE Edition SQL Server™ Windows® CE Edition 2.02.0

On-device data engine for Windows CE-On-device data engine for Windows CE-powered devicespowered devices

Rich replication and synchronization Rich replication and synchronization with SQL Serverwith SQL Server

Designed for high performance in Designed for high performance in resource-constrained environmentsresource-constrained environments

Managed .NET Compact Framework Managed .NET Compact Framework providerprovider

Smart Device Smart Device ProgrammabilityProgrammability

Windows Mobile Windows Mobile 2003 for Pocket PC2003 for Pocket PC

Office System 2003Office System 2003The Document Centric Smart ClientThe Document Centric Smart Client

XML in WordXML in Word & & ExcelExcel 2003 2003 Customer defined XML schema mappingCustomer defined XML schema mapping

Research Library Task PaneResearch Library Task Pane Customized information search & actionsCustomized information search & actions

Smart Documents Task PaneSmart Documents Task Pane User reactive guided User reactive guided solutionssolutions

InfoPath 2003InfoPath 2003 Easy forms to gather and reuse XML dataEasy forms to gather and reuse XML data

Visual Studio Tools for OfficeVisual Studio Tools for Office New New pprojects rojects ttypes for VS 2003ypes for VS 2003

Visual Studio Tools for Visual Studio Tools for OfficeOfficeNew PNew Prrojects Tojects Types ypes forfor VSVS.NET 2003.NET 2003

Power and richness of the Office SystemPower and richness of the Office System ““Code Code behind” forbehind” for Word Word && Excel 2003 Excel 2003 Secure auto-deployment of .NET application Secure auto-deployment of .NET application

codecode

VS.NET VS.NET developer developer productivityproductivity Real languages – Visual BasicReal languages – Visual Basic .N.NETET and Visual and Visual

C#C# IntelliSense, IntelliSense, ccode ode ooutlining, utlining, ddynamic ynamic hhelp, etc.elp, etc. Advanced debugging environmentAdvanced debugging environment Visual designers for WinForms, XML, dataVisual designers for WinForms, XML, data, etc., etc. Power of the .NET Framework and web servicesPower of the .NET Framework and web services

Visual Studio Tools for Office Beta 1 can be downloaded from:Visual Studio Tools for Office Beta 1 can be downloaded from:http://msdn.microsoft.com/vstudio/officehttp://msdn.microsoft.com/vstudio/office

Office System 2003Office System 2003

Visual Studio ToolsVisual Studio Toolsfor Office with Excelfor Office with Excel

TaskVisionTaskVisionA “Best Practice” Windows Forms A “Best Practice” Windows Forms SampleSample

Extensive high quality sample source Extensive high quality sample source codecodeSmart client task management Smart client task management applicationapplication Authenticated users can add, view & Authenticated users can add, view &

modify shared projects and tasks modify shared projects and tasks

Any number of scenariosAny number of scenarios Customer serviceCustomer service Bug trackingBug tracking Create your ownCreate your own

TaskVision 1.1 can be downloaded from:TaskVision 1.1 can be downloaded from:http://www.windowsforms.nethttp://www.windowsforms.net

TaskVisionTaskVisionExtensive Client & Server Extensive Client & Server RequirementsRequirements

Offline / online model Offline / online model Auto-updating over Auto-updating over HTTP (no-touch HTTP (no-touch maintenance) maintenance) Asynchronous web Asynchronous web service callsservice callsAuthentication ticket to Authentication ticket to prevent replay attacksprevent replay attacksAuthorization to control Authorization to control access to features access to features ADO.NET data access ADO.NET data access with stored procedureswith stored procedures

Data collision handling Data collision handling Printing with preview Printing with preview Integration with Win32 Integration with Win32 and COM componentsand COM componentsLocalization (UI) and Localization (UI) and globalization (format) globalization (format) Accessibility supportAccessibility supportDynamic properties Dynamic properties Graphics development Graphics development using GDI+ using GDI+ Windows XP Themes Windows XP Themes

.NET Smart Client .NET Smart Client SummarySummaryThe Best of the Web… The Power of The Best of the Web… The Power of the PCthe PCEvolution of the client modelEvolution of the client model

Windows FormsWindows Forms The .NET Framework smart clientThe .NET Framework smart client

Code Access SecurityCode Access Security Run applications safely from the InternetRun applications safely from the Internet

Smart Device ProgrammabilitySmart Device Programmability Pocket PC and SmartphonePocket PC and Smartphone

Office System 2003Office System 2003 The document-centric smart clientThe document-centric smart client

Visual Studio Tools for OfficeVisual Studio Tools for Office

Useful ResourcesUseful Resources

http://www.windowsforms.nethttp://www.windowsforms.net TaskVisionTaskVision, sample code, forum, articles, etc., sample code, forum, articles, etc.

Mobility and the .NET Compact FrameworkMobility and the .NET Compact Framework http://msdn.microsoft.com/mobilityhttp://msdn.microsoft.com/mobility

http://http://msdn.microsoft.com/officemsdn.microsoft.com/office Visual Studio Tools for Office, etc.Visual Studio Tools for Office, etc.

http://msdn.microsoft.com/communityhttp://msdn.microsoft.com/community Hundreds of active third party communitiesHundreds of active third party communities

http://msdn.microsoft.com/newsgroupshttp://msdn.microsoft.com/newsgroups dotnet.framework.windowsformsdotnet.framework.windowsforms vsnet.tools.officevsnet.tools.office

© 2003 Microsoft Ltd. All rights reserved.© 2003 Microsoft Ltd. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.