We live in the world where if you don’t know the lingo, you’re not an equal member of the worldwide software developers’ guild.

 

So, what is XBAP?

 

First, make sure you know that is WPF…  As a quick refresher, WPF stands for Windows Presentation Foundation which was released by Microsoft as part of the .NET Framework 3.0 (a.k.a. WinFX).  WPF is “Microsoft’s strategic presentation technology for Windows smart client user experiences. Use WPF to deliver innovative user interfaces through support for UI, media, document services, hardware acceleration, vector graphics, resolution-independent DPI for different form factors, data visualization, and superior content readability. “  If this is your first exposure to WPF, make sure to peruse http://netfx3.com.

 

WPF applications can be deployed and hosted either as a stand-alone application or as a XAML browser application (side note: XAML, eXtensible Application Markup Language, is an XML-based language for instantiating and populating nested object hierarchies.  XAML is used outside of WPF, but it’s well suited for dealing with UI definition and construction).

 

Below are some facts you need to know about each deployment option:

 

Standalone WPF Applications

-      Are installed on client’s computer, i.e. appear in Start Menu and Add/Remove Programs.  You can use standard deployment technologies like ClickOnce or MSI.

-      The application has its own window, i.e. you’ll see it in the task bar and in the Task Manager as a “standard” Windows application.

-      If a newer version is available, the client may choose to upgrade or not to upgrade at this time and continue using an older version (some restrictions apply).

-      The application can be programmed to support offline mode.

-      Run with full trust (code access security); i.e. can create child windows, access file system, use WCF, have registry access, etc.  On Vista, users may be prompted whether they trust this application at setup, and possibly, at run time.

 

XAML Browser Applications (XBAPs)

-      The application is not installed on the client’s computer; i.e. will not appear in the in Start Menu or Add/Remove Programs.  You would use the ClickOnce as the deployment technology.

-      At run time, the application will appear in a browser, not its own window.

-      The application can only be used in the “online” mode, and the user must have access to the deployment location at application start time.

-      The client will always be using the latest version.

-      From CAS (code access security) perspective, an XBAP deployed application runs in a security sandbox

§  The security restrictions are defined in the CAS policies and depend on the deployment zone (most likely Internet or Intranet).  Use .NET Framework Configuration MMC console (mscorcfg.msc) to view and configure the runtime security policy.  If the application attempts to use a feature disallowed by the security policy, a SecurityException is thrown.