Best option for IE hosted user control vs. stand-alone
-
I tried posting this to the ASP.NET forum and got no response, so I'll try here. I will be developing some .NET C# GUIs that will use one or more web services to get and display information. The web services the GUIs use may need to do some things that require the security environment of a process running from the local hard disk, such as accessing the registry, creating a socket connection to a process on the local or a remote host, etc. All of this is not an issue if I develop the GUIs as C# applications. However, it occurred to me that there might be some advantage in creating them as user control libraries, where the controls are hosted in IE web pages (with the web page .html files and the DLLs containing the C# user control libraries installed locally on each client, not downloaded over the internet). My concern is that an article I have read (15 Seconds : Hosting .NET Windows Forms Controls in IE) indicates that if the hosted user controls access the web services and the web services try to do something like access the registry, create an event log, make a socket connection, etc., then they may fail due to security restrictions. Given that all the user control libraries are local to the machines running them hosted in IE, is there a simple way to set up security so that these controls (and the services they use) have permissions to do essentially the same things that a GUI program could do? I don't want to make the system vulnerable or upset system administrators, so if it isn't a simple and relatively safe thing to do, I'll just go with the native applications.