Get started for free
Visual Studio Developer Center >
How to control access to a published Excel AddIn?

Answered How to control access to a published Excel AddIn?

  • Monday, May 21, 2012 6:10 PM
     
     
    Sign In to Vote
    0

    Can I control access to a published AddIn so that only authorised persons can install it or get updates? Is there a preferred way of doing it?

    TIA

    kr

     

All Replies

  • Tuesday, May 22, 2012 3:01 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi kr,

    It's besed on my experience that you need set the logic to check whether the use have permission to use your application in the add-in process.

    I hope what I said can help you.

    Have a good day,

    Tom

    Tom Xu [MSFT]
    MSDN Community Support | Feedback to us

     
  • Wednesday, May 23, 2012 1:26 PM
     
     
    Sign In to Vote
    0

    Thanks Tom.

    Can yuo give me a little more detail? Where should I add such logic? Can I add code to installer? How?

    If I check the user in the Add-In code itself then I can control visibility of my Add-In depending on who the user is. However, this is not what I want to do. I want to control  the installation of the Add-In so that only authorized users get this Add-In.

    kr

     
  • Friday, May 25, 2012 7:00 AM
    Moderator
     
     Answered Has Code
    Sign In to Vote
    0

    Hi kr,

    This is a simple sample it will be more complex in practical busniess.

    In the sample I set a Hashcode as a key of this add-in. When the add-in loaded, add-in will ask customer give correct text. It will disable the add-in and close Excel if customer can't provide correctly key. I just use it to explain what I said, it doesn't fit to use in busniess due to it has a great deal of "loopholes". And who to provide a useful way of your wish is out of the support range in the forum (it is a "Trade secrets" for you, and I think you will not let other persons know it. Is it right?)

    Following is the snippet:

    using System.Configuration;
using System.Windows.Forms;
using System.Collections;
using System.Security.Cryptography;
using Microsoft.Win32;

namespace ExcelAddIn7
{
    public partial class ThisAddIn
    {

        private void ThisAddIn_Startup(object sender, System.EventArgs e)
        {
            Configuration cnf = ConfigurationManager.OpenExeConfiguration(
                AppDomain.CurrentDomain.SetupInformation.ConfigurationFile
                .Replace(".config", ""));
            Hashtable ht = (Hashtable)ConfigurationManager.GetSection("MySecurityStrng");
            Form1 frm = new Form1();
            frm.ShowDialog();
            string value = frm.Value;
            using (MD5 hash = MD5.Create())
            {
                byte[] buffer = hash.ComputeHash(Encoding.UTF8.GetBytes(value));
                StringBuilder sb = new StringBuilder();
                for (int i = 0; i < buffer.Length; i++)
                {
                    sb.Append(buffer[i].ToString("X2"));
                }
                if (!ht["key"].ToString().Equals(sb.ToString()))
                {
                    RegistryKey rk = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Office\\Excel\\Addins\\ExcelAddIn7",true);
                    if (rk != null)
                    {
                        rk.SetValue("LoadBehavior", 2);
                        rk.Close();
                    }
                    MessageBox.Show("You can't use this Add-in");
                    Application.Quit();
                }
            }
           
        }

        private void ThisAddIn_Shutdown(object sender, System.EventArgs e)
        {
        }

        #region VSTO generated code

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InternalStartup()
        {
            this.Startup += new System.EventHandler(ThisAddIn_Startup);
            this.Shutdown += new System.EventHandler(ThisAddIn_Shutdown);
        }
        
        #endregion
    }
}

    app.config

    <?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <configSections>
    <section name="MySecurityStrng" type="System.Configuration.SingleTagSectionHandler"/>
  </configSections>
  <MySecurityStrng key="702EDCA0B2181C15D457EACAC39DE39B" />
  <!-- Key: This is a test! -->
</configuration>

    I hope it can help you.

    Have a good day,

    Tom

    Tom Xu [MSFT]
    MSDN Community Support | Feedback to us


     
  • Monday, May 28, 2012 12:33 PM
     
     Answered
    Sign In to Vote
    0

    A better way would be to write a web service (over SSL) which validates a user / password / domain combination against your organisation's active directory, and then query a database (or use security groups in AD) to control who accesses the application.

    I am using this in a live scenario, and it works extremely well.

    Good luck!