Avoiding ActiveX controls

[muzalu]

Hi

Apologies in advance if this is a faq or just a silly question.

I am using XMetal Developer and Author 5.1 with VS 2008.

My client has an XMetal project for which I have taken over development. They have recently had the security on their machines tightened somewhat. They had been using an activeX control menu loaded into the Resource Manager, that was fine. However, they are now not allowed to use ActiveX controls for security reasons. I have recompiled the menu (originally in vb6) using VS 2008 to make a .dll COM control. When this is registered the XMetal project fails to load the menu using ResourceManager.AddTab. Should it be possible to use a VS2008 generated .dll COM control (not ActiveX) if so, what do I need to do.

Regards

Russell

Reply

[Derek Read]

You can only add true ActiveX controls to the Resource Manager and it is unlikely we will be supporting .NET controls in there soon (though never say never).

There are two things I can think of, one possibly useful in your case, the other probably not so much:

1) If you are able to get whatever you have built to load itself into Internet Explorer then you could embed IE into the Resource Manager. This assumes the restriction on using ActiveX controls does not include IE, which in this case is itself an ActiveX control. For an example of loading an HTML page into the ResourceManager see the Meeting Minutes sample and the meeting.mcr file located in the Macros subfolder of your XMetaL Author installation (search for “ResourceManager”).

2) Create an ActiveX control wrapper that itself embeds your DLL then embed the ActiveX control in the Resource Manager. Of course, this goes against the policies of the company in question and does not actually help you I guess. This solution is more for people restricted to developing purely in .NET and that cannot (for whatever reason) create a proper ActiveX control. I do at one point remember seeing a tutorial or instructions on how to create such a wrapper (lots of apps allowing embedding of ActiveX but not too many can handle .NET stuff, including most versions of Word, etc) but unfortunately I cannot seem to locate them at the moment. I can't remember if they were at MSDN, SourceForge, CodeProject (my most frequented sources) or elsewhere.

Reply

[muzalu]

Thanks Derek

I don't think either of these will float, in any case we still have the ActiveX control. I'll forward this to my client so they can plead with the powers that be…

Thanks

Russell Wyatt

Reply

[Derek Read]

You may wish to explain that it is not really possible to have a working version of Windows that does not have IE installed on it. So much of the operating system relies on it that there really isn't any good way to remove IE from Windows. This means the IE solution should not expose the client to any additional risk as no additional ActiveX control is being installed, you are just using the copy of IE that is already present on all machines.

Reply

[muzalu]

It's looking like the ActiveX may be working anyway, so possibly not as nobbled as previously thought.

Thanks for your help anyway.

Russell Wyatt

Reply

[Author]

Posts