I have created an full trust XBAP application that exists in a hidden frame when the page is loaded using .NET 4.0 and the BrowserInteropHelper which provides me communication between the host web page and access to the client file system. All of this is working perfectly.
I have found the following installation process where I provide a Support URL found @ Project Properties Page > Publish > Options beneath description. Then the support link the user is presented with when they get the 'Trust Not Granted' error can provide a set of steps walking the end user through the installation process ultimately getting the user to grant the XBAP full trust.
http://social.msdn.microsoft.com/Forums/en-US/wpf/thread/b6f33aa4-4399-430f-ba0f-81fa8ff6efec/
This would work fine for me, but the control I wish to provide the end user with is UI-less when the page loads. So the model mentioned above doesn't work because the user can't see the 'Trust Not Granted' error and click the link on the control to walk through the process of granting trust.
I then thought of creating a second control without UI that was marked PartialTrust that was signed with the same cert as the full trust control and performing an IO operation out of the isolated storage sandbox to see if that control would be granted access to perform the operation because it had the same certificate it was signed with already installed in the trusted publishers store, no luck.
I then came across an article about how full trust XBAPs executed in the trusted zone go through a one time clickonce verification process prior to launching where the user can grant see the publisher of the software and grant the XBAP full trust. I thought this may be an alternative so I investigated further but found programmatically checking for a trusted site seems a little cludgy as the only solution I really found has you to create an activex object that the site would otherwise not have permission to create to if it weren't a trusted site.
What I'm really looking for is some kind of a reliable model that may be a 90% solution for determining if an XBAP has already been granted full trust or if the current domain has been marked as a trusted site so the end user can go through the clickonce process.
Thanks for your help in advance!
EDIT: So I thought of the solution as a part of writing my question and have yet to try it but I think it'll suffice unless any of you have a better suggestion.
Prior to launching the page the requires the UI-less control direct the user to a pre-requisites page that loads a FullTrust XBAP signed with the same cert as my UI-less control uses.
Redirect to pre-requisites page that has a full trust XBAP WITH UI signed with the same cert as the UI-less control.
If the user sees the trust not granted error they can use the Support URL provided as part of the error to walk through the installation process.
After the user completes the steps necessary for installation present the user with a link that sends them back to the pre-requisites page.
Whenever the control loads in the pre-requisites page the after the user supposedly granted the XBAP full trust execute code through the javascript interop supported in .NET 4.0 that redirects the user to the page with the UI-less control.