As Windows Vista launches in the UK and enters the mainstream, there will doubtless be a proliferation of Sidebar gadgets. By the choice of technology (DHTML plus a set of System APIs for interacting with Windows), and built-in unrestricted support for XmlHttpRequest, gadgets have been squarely targeted at the "enthusiast" developer. We have already seen considerable interest in their commercial application.
One consideration for deploying gadgets in the enterprise is how to code-sign them. This will become increasingly important as administrators discover that there is a set of group policy settings for restricting their use in a domain context. These settings include:
- Turn off Windows Sidebar
This policy allows administrators to completely disable the Windows Sidebar. The user will not be able to start the Windows Sidebar if this policy is enabled.
- Disable unpacking and installation of gadgets that are not digitally signed.
This policy allows an administrator to require that all gadgets installed by a user are digitally signed. This policy only affects gadgets that are downloaded and then run, such as double-clicking on a gadget package. All previously or manually installed gadgets will still function.
- Turn Off User Installed Windows Sidebar Gadgets
This policy provides administrators with the ability to block all gadgets not placed into the Shared Gadgets or Gadgets folders (in the Sidebar’s Program Files folder), both of which can only be modified by a user in the administrator group. Gadgets in the user’s directory will not display in the Gadget Gallery dialog or otherwise be allowed to run.
- Override the More Gadgets Link
The Gadget Gallery dialog provides a link where users can discover more gadgets. By default this link points to an online Microsoft website, however administrators can specify that this link open another website. Administrators can then more easily distribute gadgets that are approved for use within their organization.
(lifted from an excellent blog post on the topic from the Sidebar team http://blogs.msdn.com/sidebar/archive/2006/08/31/733880.aspx)
Gadgets must be packaged as CAB files if you want to code-sign them. Authenticode can sign a cabinet but not a ZIP archive, so a zip file renamed to .gadget cannot be code-signed, and gadgets distributed that way will always show up as "untrusted publisher" when a user clicks on them.
To make a redistributable gadget that is code-signed, package the gadget folder as a Windows CAB file using the "cabarc" utility (if you've opened a VS2005 Command Prompt it should be in the path; otherwise you'll probably find it in %ProgramFiles%\Microsoft Visual Studio 8\Common7\Tools\Bin). Run it from within the gadget folder so that gadget.xml ends up at the root of the cabinet, where the Sidebar expects the manifest. Example command line:
cabarc -r -p n Filename.gadget "*.*"
Signtool.exe (found in the same folder) can then be used to code-sign the .gadget file. I tend to have a .pfx (packaged certificate and private key) so that the build process is portable across machines. Example command line (assuming you are signing with a certificate from a public CA and timestamping with that CA's timestamp service):
signtool.exe "sign" /f "MyPfxFile.pfx" /p "MyPrivateKeyPassword" /d "My Excellent Gadget" /du "http://www.myurl.com" /t "http://www.mycertprovider/timestampurl" "Filename.gadget"
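The whole procedure as a script, as an added example that is not part of the original post: it packages the gadget folder with cabarc, refuses to sign anything that is not actually a cabinet, signs and timestamps with signtool, then verifies the result. It assumes cabarc.exe and signtool.exe are on the PATH (a VS2005 command prompt puts them there); the folder name, output name, .pfx path, description and both URLs are placeholders to replace with your own.

```powershell
# Added example, not from the original post: build, sign, timestamp and verify a
# Sidebar gadget package. Assumes cabarc.exe and signtool.exe are on PATH and that
# the paths, names and URLs below are placeholders you replace with your own.
param(
    [string]$GadgetDir    = ".\MyGadget",                 # folder holding gadget.xml and the gadget's files
    [string]$Output       = ".\MyGadget.gadget",
    [string]$PfxPath      = ".\MyPfxFile.pfx",            # placeholder
    [string]$Description  = "My Excellent Gadget",
    [string]$InfoUrl      = "http://www.myurl.com",       # placeholder
    [string]$TimestampUrl = "http://www.mycertprovider/timestampurl"  # placeholder: your CA's Authenticode timestamp URL
)

$ErrorActionPreference = "Stop"

# Identify a package by its first bytes rather than its extension: Authenticode can
# sign a cabinet ("MSCF") but not a ZIP archive ("PK"), however it has been renamed.
function Get-PackageKind([string]$Path) {
    $magic = New-Object byte[] 4
    $stream = [System.IO.File]::OpenRead($Path)
    try     { $count = $stream.Read($magic, 0, 4) }
    finally { $stream.Close() }
    if ($count -eq 4 -and [System.Text.Encoding]::ASCII.GetString($magic) -eq "MSCF") { return "cab" }
    if ($count -ge 2 -and $magic[0] -eq 0x50 -and $magic[1] -eq 0x4B) { return "zip" }
    return "unknown"
}

# Run a native tool and fail loudly on a non-zero exit code.
function Invoke-Tool([string]$Name, [string[]]$Arguments) {
    & $Name @Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Name failed with exit code $LASTEXITCODE" }
}

if (-not (Test-Path (Join-Path $GadgetDir "gadget.xml"))) {
    throw "$GadgetDir has no gadget.xml; the manifest must sit at the root of the package"
}

# Resolve the output path before changing directory, since cabarc must run inside the gadget folder.
$cabPath = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($Output)
if (Test-Path $cabPath) { Remove-Item $cabPath }

# 1. Package the folder as a cabinet: -r recurses into subfolders, -p keeps their
#    relative paths, n creates a new cabinet.
Push-Location $GadgetDir
try     { Invoke-Tool "cabarc" @("-r", "-p", "n", $cabPath, "*.*") }
finally { Pop-Location }

if ((Get-PackageKind $cabPath) -ne "cab") {
    throw "$cabPath is not a cabinet and cannot be Authenticode-signed"
}

# 2. Sign and timestamp. The password is prompted for rather than stored in the script;
#    signtool still receives it in clear on its command line, so run this on a build
#    machine you control rather than a shared one.
$securePassword = Read-Host -AsSecureString "Password for $PfxPath"
$bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securePassword)
try     { $pfxPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
finally { [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }

Invoke-Tool "signtool" @("sign", "/f", $PfxPath, "/p", $pfxPassword, "/d", $Description,
                         "/du", $InfoUrl, "/t", $TimestampUrl, $cabPath)

# 3. Verify with the Authenticode policy (/pa). Without it signtool applies the
#    kernel-mode driver signing policy and a correctly signed gadget fails verification.
Invoke-Tool "signtool" @("verify", "/pa", "/v", $cabPath)

# 4. Confirm the timestamp countersignature is present: with it, Windows validates the
#    signature as of signing time and keeps trusting the file after the certificate expires.
$signature = Get-AuthenticodeSignature $cabPath
"{0}: {1}; signer '{2}' valid until {3}" -f $cabPath, $signature.Status,
    $signature.SignerCertificate.Subject, $signature.SignerCertificate.NotAfter
if ($signature.TimeStamperCertificate -eq $null) {
    Write-Warning "No timestamp countersignature: this package will stop validating when the certificate expires."
}
```

Run it as `.\Build-Gadget.ps1 -GadgetDir .\MyGadget -PfxPath .\MyPfxFile.pfx -TimestampUrl http://...` (the script name is an assumption). The /t switch expects an Authenticode-style timestamp server, which is what the page's command line uses; later versions of signtool also accept /tr with an RFC 3161 server. The verify step is worth keeping in any build: it catches a missing or unreachable timestamp server, which signtool otherwise reports only as a warning.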
One perhaps useful bit of information about this: unlike web server SSL certificates, where an expired certificate produces warnings in the browser, if you code-sign with a public certificate and timestamp the signature as in the example above (most public certificate providers operate a timestamp URL), Windows will keep trusting the file after the certificate has expired. The timestamp countersignature lets Windows check that the certificate was valid at the moment of signing rather than at the moment the user runs the file. Two caveats: the signature still fails if the certificate is later revoked with a revocation date earlier than the signing time, and without a timestamp the file becomes untrusted as soon as the certificate expires.