How do I run a Full Trust XBAP on intranet?
I've made a WPF Browser Application that hosts old WinForms controls (I haven't migrated fully to WPF yet). Using WindowsFormsHost means my Browser App requires Full Trust to run. This is not a problem for me since this app is only meant to be run on the intranet at my company. However, after I deploy the xbap to a network share, it refuses to run, saying "Trust not granted".
What are the methods I can use to grant Full Trust to XBAP applications stored on my companies intranet?
Answer
So far, I've found 2 ways to do this. Through a really complicated method of installing certificates on the target machine.
Or through a simpler method, which is only suitable for intranets here:
Deploy a custom CLR Security policy that modifies the default permissionset for the given zone
So I did just that, and it works. Here's the detailed steps how I got it to work:
- Open Control Panel > Administrative Tools > .NET Framework 2.0 Configuration
- Expand Runtime Security Policy > Machine > Code Groups > All_Code
- Right Click All_Code and click New…
- Create a new code group, I named mine MyProject_FullTrust_Zone
- Choose the URL condition type and specify the path on the network where the apps will be deployed.
- Choose Use Existing permission set, and set it to Full Trust.
Now the only problem with this method, is that I have to deploy this change to hundreds of machines. So maybe there's still a simpler way to do this?