Advanced Installer Usage

This page explains the ways in which the installer can be used to install permissions or generate CASPOL scripts that can then be deployed to multiple end users' PCs. Whichever method is used to install permissions, the ultimate result is that an XML file called SECURITY.CONFIG is updated at the following location.
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG

Installing Local Intranet permissions

This simply requires the Local Intranet checkbox to be selected as follows and the site name isn't actually used.

Local Intranet install

Once permissions are installed the Security Viewer can be used to verify that the permissions have been installed as expected. A single .Net code group is installed which ensures that Dealogic permissions are available to Dealogic code. The permissions are related to Dealogic code via a Strong Name public key.

Local Intranet permissions

Installing Trusted Site / Internet permissions

This requires a site name to be specified and if required multiple site names can be separated by semi colons. The below screenshot shows two site names, the first for production and the second for user acceptance testing.

Trusted Sites install

Once permissions are installed the Security Viewer can be used to verify that the permissions have been installed as expected. Two .Net code groups are installed for each site as follows.

Trusted Sites permissions

The first code group ensures that Dealogic permissions are available to Dealogic code. The other code group ensures that Local Intranet permissions are available to Dealogic code, since by default the permissions under the Trusted Sites / Internet zones are very limited and do not allow the Pot book grid to function correctly. The permissions are related to Dealogic code via the Site Name.

DealAxis Permissions

The DealAxis permission set contains the following permissions.

The Security permission enables Unmanaged Code and is required for the Pot book grid to interact with Internet Explorer and fire Javascript events such as invoking lookup windows.
The Printing permission is required for users to be able to select any printer when printing from the Pot book grid.
The Web permission is needed for users of hosted systems, who are routed via a proxy server when using the Pot book grid. This permission allows proxy server credentials to be attached to web service requests so that the request is not blocked with proxy authentication errors.

CASPOL scripts

Some banks do not run the installer directly on end users' PCs and instead script the permissions,then deploy the script to multiple machines. For these users the installer can be used in a similar manner, by filling in the GUI and clicking Generate CASPOL Script.

The user will be prompted to save the generated files to an output folder and two files will be created as follows. Running the batch file as an administrator user will install the permissions for the details selected in the GUI. Running the batch file followed by the /U option will uninstall the permissions.

CASPOL generated files

The below screenshot shows the commands contained in the generated batch file with the Trusted Sites settings in the above example. The result of running the generated CASPOL script will be identical to installing the permission details via the GUI and will simply result in the SECURITY.CONFIG file being updated.

CASPOL text

Return to home page

Advanced topics