Advanced Visual Studio Advanced Visual Studio 2005 Tools for Office 2005 Tools for Office Programming and Programming and DeploymentDeployment

David TruxallDavid TruxallArchitectArchitectNuSoft SolutionsNuSoft Solutions

AgendaAgenda

Server programmingServer programming

SecuritySecurity

DeploymentDeployment

Server GoalsServer Goals

Make it as simple to create Office Make it as simple to create Office content on the server as it is for content on the server as it is for HTMLHTML

Integrate with VSTO 2005 Integrate with VSTO 2005 programming modelprogramming model

ClientServer Symmetry ClientServer Symmetry

Scale Scale ScaleScale Scale Scale

Integrate with ASP NET programming Integrate with ASP NET programming modelmodel

Server Capabilities in VSTO Server Capabilities in VSTO 20052005

Fill the data island on the serverFill the data island on the server

Program against the data on the Program against the data on the serverserver

Run code outside the documentRun code outside the document

Expose data from Office docs to ASPXExpose data from Office docs to ASPX

Server FeatureServer FeatureRead and Write Cached DataRead and Write Cached Data

Load the document (does not start the Office application)Dim productsDoc As String = CDocumentsProducts0105xlsDim doc As ServerDocument = New ServerDocument(productsDoc)

11

Read the cached data from the dataset in the worksheet Dim cdi As CachedDataItemcdi = docCachedDataManifestViews(ProductWorksheet) _ CachedData(ProductWorksheetProductCache)Dim sr As SystemIOStringReader = New _ SystemIOStringReader(cdiXml)ProductsDataReadXml(sr)

22

Write the modified dataset back to the dataset in the workbookcdiSerializeDataInstance(ProductsData)docSave()docClose()

33

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

AgendaAgenda

Server programmingServer programming

SecuritySecurity

DeploymentDeployment

Server GoalsServer Goals

Make it as simple to create Office Make it as simple to create Office content on the server as it is for content on the server as it is for HTMLHTML

Integrate with VSTO 2005 Integrate with VSTO 2005 programming modelprogramming model

ClientServer Symmetry ClientServer Symmetry

Scale Scale ScaleScale Scale Scale

Integrate with ASP NET programming Integrate with ASP NET programming modelmodel

Server Capabilities in VSTO Server Capabilities in VSTO 20052005

Fill the data island on the serverFill the data island on the server

Program against the data on the Program against the data on the serverserver

Run code outside the documentRun code outside the document

Expose data from Office docs to ASPXExpose data from Office docs to ASPX

Server FeatureServer FeatureRead and Write Cached DataRead and Write Cached Data

Load the document (does not start the Office application)Dim productsDoc As String = CDocumentsProducts0105xlsDim doc As ServerDocument = New ServerDocument(productsDoc)

11

Read the cached data from the dataset in the worksheet Dim cdi As CachedDataItemcdi = docCachedDataManifestViews(ProductWorksheet) _ CachedData(ProductWorksheetProductCache)Dim sr As SystemIOStringReader = New _ SystemIOStringReader(cdiXml)ProductsDataReadXml(sr)

22

Write the modified dataset back to the dataset in the workbookcdiSerializeDataInstance(ProductsData)docSave()docClose()

33

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Server GoalsServer Goals

Make it as simple to create Office Make it as simple to create Office content on the server as it is for content on the server as it is for HTMLHTML

Integrate with VSTO 2005 Integrate with VSTO 2005 programming modelprogramming model

ClientServer Symmetry ClientServer Symmetry

Scale Scale ScaleScale Scale Scale

Integrate with ASP NET programming Integrate with ASP NET programming modelmodel

Server Capabilities in VSTO Server Capabilities in VSTO 20052005

Fill the data island on the serverFill the data island on the server

Program against the data on the Program against the data on the serverserver

Run code outside the documentRun code outside the document

Expose data from Office docs to ASPXExpose data from Office docs to ASPX

Server FeatureServer FeatureRead and Write Cached DataRead and Write Cached Data

Load the document (does not start the Office application)Dim productsDoc As String = CDocumentsProducts0105xlsDim doc As ServerDocument = New ServerDocument(productsDoc)

11

Read the cached data from the dataset in the worksheet Dim cdi As CachedDataItemcdi = docCachedDataManifestViews(ProductWorksheet) _ CachedData(ProductWorksheetProductCache)Dim sr As SystemIOStringReader = New _ SystemIOStringReader(cdiXml)ProductsDataReadXml(sr)

22

Write the modified dataset back to the dataset in the workbookcdiSerializeDataInstance(ProductsData)docSave()docClose()

33

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Server Capabilities in VSTO Server Capabilities in VSTO 20052005

Fill the data island on the serverFill the data island on the server

Program against the data on the Program against the data on the serverserver

Run code outside the documentRun code outside the document

Expose data from Office docs to ASPXExpose data from Office docs to ASPX

Server FeatureServer FeatureRead and Write Cached DataRead and Write Cached Data

Load the document (does not start the Office application)Dim productsDoc As String = CDocumentsProducts0105xlsDim doc As ServerDocument = New ServerDocument(productsDoc)

11

Read the cached data from the dataset in the worksheet Dim cdi As CachedDataItemcdi = docCachedDataManifestViews(ProductWorksheet) _ CachedData(ProductWorksheetProductCache)Dim sr As SystemIOStringReader = New _ SystemIOStringReader(cdiXml)ProductsDataReadXml(sr)

22

Write the modified dataset back to the dataset in the workbookcdiSerializeDataInstance(ProductsData)docSave()docClose()

33

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Server FeatureServer FeatureRead and Write Cached DataRead and Write Cached Data

Load the document (does not start the Office application)Dim productsDoc As String = CDocumentsProducts0105xlsDim doc As ServerDocument = New ServerDocument(productsDoc)

11

Read the cached data from the dataset in the worksheet Dim cdi As CachedDataItemcdi = docCachedDataManifestViews(ProductWorksheet) _ CachedData(ProductWorksheetProductCache)Dim sr As SystemIOStringReader = New _ SystemIOStringReader(cdiXml)ProductsDataReadXml(sr)

22

Write the modified dataset back to the dataset in the workbookcdiSerializeDataInstance(ProductsData)docSave()docClose()

33

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Server Side Code prepopulates elements before sending to clientServer Side Code prepopulates elements before sending to client

John is cool$34500

URL RequestCreateExpenseaspxCreateExpenseaspx

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Data in Office SolutionsData in Office SolutionsHow Does Server-Side WorkHow Does Server-Side Work

DataIsland

ServerServerCodeCode

Server Client

DatabasesDatabases CorporateCorporateSystemsSystems

Document is transferred with dataDocument is transferred with data

URL RequestCreateExpenseaspxCreateExpenseaspx

Mike is cooler$100000

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Filling the Data IslandFilling the Data Island

All the data in a VSTO 2005 enabled All the data in a VSTO 2005 enabled Office document is stored in a Office document is stored in a standard data islandstandard data island

This enables the VSTO 2005 runtime This enables the VSTO 2005 runtime to access the data without having to to access the data without having to invoke Word or Excelinvoke Word or Excel

BenefitsBenefitsDoesnrsquot require you to run Word or Excel Doesnrsquot require you to run Word or Excel on the serveron the server

Some significant scaling issuesSome significant scaling issues

Not supported by MicrosoftNot supported by Microsoft

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Filling A Data Island on the Filling A Data Island on the ServerServer

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

What is Not Supported What is Not Supported on the Serveron the Server

Program against the viewProgram against the viewSince Word amp Excel arenrsquot running on the Since Word amp Excel arenrsquot running on the server therersquos no way to get to the object server therersquos no way to get to the object model for each applicationmodel for each application

You can work around this quite easily since you You can work around this quite easily since you can fill the data on the server and do all the can fill the data on the server and do all the databindingview manipulation on the clientdatabindingview manipulation on the client

Integrate with other Office appsIntegrate with other Office appsSince theyrsquore not running on the serverSince theyrsquore not running on the server

However XMLWeb Services provide an ideal However XMLWeb Services provide an ideal way to do thisway to do this

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Server SummaryServer Summary

Program against the data on the Program against the data on the serverserver

Access any VSTO 2005 document Access any VSTO 2005 document from within an ASPX pagefrom within an ASPX page

Built to scale from day oneBuilt to scale from day one

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

NET SecurityNET Security

VSTO Security managed by NET VSTO Security managed by NET security policysecurity policy

Evidence (location signature etc)Evidence (location signature etc)

Permissions (execution UI full etc)Permissions (execution UI full etc)

Since code in VSTO documents call Since code in VSTO documents call into the Office OM (unmanaged into the Office OM (unmanaged code) we require Full Trust code) we require Full Trust permissionpermission

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

VSTO 2005 SecurityVSTO 2005 Security

Wonrsquot run any code by defaultWonrsquot run any code by default

Must trust both the document and the Must trust both the document and the assembly (Full Trust)assembly (Full Trust)

Evidence for assemblies is viaEvidence for assemblies is viaSigning Authenticode or Strong NamingSigning Authenticode or Strong Naming

Location URL Location URL

Local Machine Zone is not enoughLocal Machine Zone is not enough

Evidence for documents is via LocationEvidence for documents is via LocationE-mail attachments must be copied to desktop E-mail attachments must be copied to desktop (Outlook temp directory is Internet Zone)(Outlook temp directory is Internet Zone)

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Code Security ScenariosCode Security Scenarios

Alice creates a VSTO 2005 project for a Budget Alice creates a VSTO 2005 project for a Budget SpreadsheetSpreadsheet

Alice hands over final code to Bob in ITAlice hands over final code to Bob in IT

Bob deploys code amp document to Bob deploys code amp document to httpbudgethttpbudget

Bob deploys security policy to end users machine Bob deploys security policy to end users machine to trust to trust httpbudgethttpbudget

Fred creates a new budget from Fred creates a new budget from httpbudgethttpbudget

Code runsCode runs

Fred sends it to Sue via emailFred sends it to Sue via email

Sue save the budget sheet to her desktopSue save the budget sheet to her desktop

Opens it from the desktopOpens it from the desktop

Code runsCode runs

Code Security ndash Code Security ndash VeryEvilcomVeryEvilcom

Evil Alice creates fakebudgetxls and Evil Alice creates fakebudgetxls and creates a VSTO 2005 projectcreates a VSTO 2005 project

Evil Alice deploys code to Evil Alice deploys code to httpveryevilcombudgethttpveryevilcombudget

Evil Alice sends fakebudgetxls to Bob Evil Alice sends fakebudgetxls to Bob in emailin email

Bob opens the spreadsheetBob opens the spreadsheet

No code runs because No code runs because httpveryevilcomhttpveryevilcom isnrsquot trusted isnrsquot trusted

Bad Trust DecisionBad Trust DecisionISV Alice writes some VSTO 2005 code behind ISVBudgetxlsISV Alice writes some VSTO 2005 code behind ISVBudgetxls

Deploys code and budget to Deploys code and budget to httpwwwbudgetsruscomhttpwwwbudgetsruscom

Fred creates a budget from website amp saves it to his Fred creates a budget from website amp saves it to his machinemachine

IT Bob discovers bug in the code behind ISVBudgetxls that IT Bob discovers bug in the code behind ISVBudgetxls that compromises the corp security practicescompromises the corp security practices

Bob tells ISV Alice but the fix wonrsquot be ready for weeksBob tells ISV Alice but the fix wonrsquot be ready for weeks

Bob blocks access to Bob blocks access to httphttpwwwbudgetsruscomwwwbudgetsruscom for the for the corporationcorporation

Budgets donrsquot work but the corp security is safeBudgets donrsquot work but the corp security is safe

Alice fixes bugAlice fixes bug

Bob reinstates access to Bob reinstates access to httpwwwbudgetsruscomhttpwwwbudgetsruscom

The sun shinesThe sun shines

Security ConfigurationSecurity Configuration

Deployment amp Deployment amp UpdateUpdate

Self updating DocumentSelf updating DocumentApp Manifest is updated to point to App Manifest is updated to point to the latest assemblythe latest assembly

Manifest based deploymentManifest based deploymentApplication level and deployment Application level and deployment level manifestslevel manifests

How Does This How Does This WorkWork

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo101rdquogtltassemblyName=ldquofoodllrdquoupdateURL=http101foodll

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

Deployxml manifestxml

manifestxml

ltmanifestgtcurVersion-rdquo101rdquo

Fooxls

manifestxml

Foodll v10

Foodll v101

Deployment amp Deployment amp UpdateUpdate

Self updating DocumentSelf updating DocumentApp Manifest is updated to point to App Manifest is updated to point to the latest assemblythe latest assembly

Manifest based deploymentManifest based deploymentApplication level and deployment Application level and deployment level manifestslevel manifests

How Does This How Does This WorkWork

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo101rdquogtltassemblyName=ldquofoodllrdquoupdateURL=http101foodll

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

Deployxml manifestxml

manifestxml

ltmanifestgtcurVersion-rdquo101rdquo

Fooxls

manifestxml

Foodll v10

Foodll v101

How Does This How Does This WorkWork

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo101rdquogtltassemblyName=ldquofoodllrdquoupdateURL=http101foodll

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

Deployxml manifestxml

manifestxml

ltmanifestgtcurVersion-rdquo101rdquo

Fooxls

manifestxml

Foodll v10

Foodll v101

Move to Production ServerMove to Production Server

ltmanifestgtltdeployurl=httphellipdeployxmlversion=ldquo10rdquogt

ltmanifestgtltdeploy url=httpsvr2deployxmlversion=ldquo101rdquogtltassemblyName=ldquofoodllrdquoupdateURL=http101foodll

ltmanifestgtltdeploy url= httpsrv1deployxmlversion=ldquo10rdquogt

Deployxml manifestxml

manifestxml

ltmanifestgtcurVersion-rdquo101rdquoltapp url=ldquohttpsrv2 manifestxmlrdquo

Fooxls

manifestxml

Foodll v10

Foodll v101

Deployxml

ltmanifestgtcurVersion-rdquo101rdquoltapp url=ldquohttpsrv2 manifestxmlrdquo

Test Srv

Production Srv

Server Object Model to Server Object Model to modify modify App ManifestApp Manifest

CustomizedDocument doc = new CustomizedDocument doc = new CustomizedDocument (ldquofiledocrdquo)CustomizedDocument (ldquofiledocrdquo)

docAppManifestDeployManifestPathdocAppManifestDeployManifestPath = ldquohellipltnew pathgtrdquo= ldquohellipltnew pathgtrdquo

Can change any parts of the app Can change any parts of the app manifestmanifest

Why ManifestsWhy ManifestsNET and Visual Studio moving to NET and Visual Studio moving to manifestsmanifestsBuilt using the same schema as Click Built using the same schema as Click OnceOnce

New technology coming in the next version New technology coming in the next version of NETVSof NETVSBuilt into VistaBuilt into Vista

Manifests provide rich information Manifests provide rich information about your applicationabout your application

Not just which dll is usedNot just which dll is usedIncludes dependent assembliesIncludes dependent assembliesLocation of assemblies (moving to Product Location of assemblies (moving to Product server)server)

Deployment BasicsDeployment Basics

Requirements for the target Requirements for the target machinesmachines

Office 2003 Professional or Excel 2003 Office 2003 Professional or Excel 2003 Standalone or Word 2003 StandaloneStandalone or Word 2003 Standalone

NET Framework 20NET Framework 20

VSTO 2005 RuntimeVSTO 2005 Runtime

Office PIAs referenced in your assemblyOffice PIAs referenced in your assemblyCan be set to install on demandCan be set to install on demand

Appropriate security policiesAppropriate security policies

LocalLocal Deployment LocalLocal Deployment ModelModel

ProsProsNetwork access is not Network access is not requiredrequired

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document or Updates to document or assembly require assembly require redistribution to each redistribution to each useruser

LocalLocal

LocalNetwork Deployment LocalNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document Updates to document require redistribution to require redistribution to each usereach user

Local Network

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

Why ManifestsWhy ManifestsNET and Visual Studio moving to NET and Visual Studio moving to manifestsmanifestsBuilt using the same schema as Click Built using the same schema as Click OnceOnce

New technology coming in the next version New technology coming in the next version of NETVSof NETVSBuilt into VistaBuilt into Vista

Manifests provide rich information Manifests provide rich information about your applicationabout your application

Not just which dll is usedNot just which dll is usedIncludes dependent assembliesIncludes dependent assembliesLocation of assemblies (moving to Product Location of assemblies (moving to Product server)server)

Deployment BasicsDeployment Basics

Requirements for the target Requirements for the target machinesmachines

Office 2003 Professional or Excel 2003 Office 2003 Professional or Excel 2003 Standalone or Word 2003 StandaloneStandalone or Word 2003 Standalone

NET Framework 20NET Framework 20

VSTO 2005 RuntimeVSTO 2005 Runtime

Office PIAs referenced in your assemblyOffice PIAs referenced in your assemblyCan be set to install on demandCan be set to install on demand

Appropriate security policiesAppropriate security policies

LocalLocal Deployment LocalLocal Deployment ModelModel

ProsProsNetwork access is not Network access is not requiredrequired

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document or Updates to document or assembly require assembly require redistribution to each redistribution to each useruser

LocalLocal

LocalNetwork Deployment LocalNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document Updates to document require redistribution to require redistribution to each usereach user

Local Network

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

Deployment BasicsDeployment Basics

Requirements for the target Requirements for the target machinesmachines

Office 2003 Professional or Excel 2003 Office 2003 Professional or Excel 2003 Standalone or Word 2003 StandaloneStandalone or Word 2003 Standalone

NET Framework 20NET Framework 20

VSTO 2005 RuntimeVSTO 2005 Runtime

Office PIAs referenced in your assemblyOffice PIAs referenced in your assemblyCan be set to install on demandCan be set to install on demand

Appropriate security policiesAppropriate security policies

LocalLocal Deployment LocalLocal Deployment ModelModel

ProsProsNetwork access is not Network access is not requiredrequired

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document or Updates to document or assembly require assembly require redistribution to each redistribution to each useruser

LocalLocal

LocalNetwork Deployment LocalNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document Updates to document require redistribution to require redistribution to each usereach user

Local Network

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

LocalLocal Deployment LocalLocal Deployment ModelModel

ProsProsNetwork access is not Network access is not requiredrequired

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document or Updates to document or assembly require assembly require redistribution to each redistribution to each useruser

LocalLocal

LocalNetwork Deployment LocalNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document Updates to document require redistribution to require redistribution to each usereach user

Local Network

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

LocalNetwork Deployment LocalNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Users can modify and Users can modify and customize their customize their documents documents

ConsConsUpdates to document Updates to document require redistribution to require redistribution to each usereach user

Local Network

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

NetworkNetwork Deployment NetworkNetwork Deployment ModelModel

ProsProsEases updates to Eases updates to assemblyassembly

Eases updates to Eases updates to documentdocument

ConsConsUsers cannot modify or Users cannot modify or customize master customize master documentsdocuments

Network Network

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

ConclusionConclusion

ServerServerProgram against the data on the serverProgram against the data on the server

Access any VSTO 2005 document from Access any VSTO 2005 document from within an ASPX pagewithin an ASPX page

SecuritySecurityMust trust document and assemblyMust trust document and assembly

Doesnrsquot run by defaultDoesnrsquot run by default

Deployment optionsDeployment optionsDocumentassembly optionsDocumentassembly options

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

copy 2005 Microsoft Corporation All rights reservedThis presentation is for informational purposes only Microsoft makes no warranties express or implied in this summary

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29

BIND LIST

If Not MeEmpData Is Nothing Then MeList1DataSource = MeEmpDataTables(0) Else

MeList1DataSource = nothing End If

FILL DATA ISLAND

Protected Sub GridView1_RowUpdating(ByVal sender As Object ByVal e As SystemWebUIWebControlsGridViewUpdateEventArgs) Handles GridView1RowUpdating

Dim da As New SqlClientSqlDataAdapter(MeSqlDataSource1SelectCommand MeSqlDataSource1ConnectionString)

Dim empData As DataSet = New DataSet() daFill(empData) Dim doc As ServerDocument = New ServerDocument(ServerMapPath(EmployeeServerDataxls)) Dim hostItem As CachedDataHostItem Dim dataItem As CachedDataItem hostItem = docCachedDataHostItems(EmployeeServerDataSheet1) dataItem = hostItemCachedData(EmpData) dataItemSerializeDataInstance(empData) docSave() docClose()End Sub

• Advanced Visual Studio 2005 Tools for Office Programming and Deployment
• Agenda
• Server Goals
• Server Capabilities in VSTO 2005
• Server Feature Read and Write Cached Data
• Data in Office Solutions How Does Server-Side Work
• Slide 7
• Filling the Data Island
• Slide 9
• What is Not Supported on the Server
• Server Summary
• NET Security
• VSTO 2005 Security
• Code Security Scenarios
• Code Security ndash VeryEvilcom
• Bad Trust Decision
• Slide 17
• Deployment amp Update
• How Does This Work
• Move to Production Server
• Server Object Model to modify App Manifest
• Why Manifests
• Deployment Basics
• LocalLocal Deployment Model
• LocalNetwork Deployment Model
• NetworkNetwork Deployment Model
• Conclusion
• Slide 28
• Slide 29