Deploying binaries to the bin folder<br />Partially Trusted Code in SharePoint<br />Corey Roth<br />Stonebridge<br />Twitt...
Corey Roth<br />Consultant for Stonebridge in Tulsa, OK<br />Worked in Consumer Electronics, Travel, Advertising, and Ener...
What is Partial Trust?<br />
Why use Partial Trust?<br />More Secure<br />Allows deployment of assemblies to bin folder<br />Deployment doesn’t require...
Demo<br />
Implementing Partial Trust<br />Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs<br />Set <trust Level=“M...
Visual Studio 2010<br />CAS policies configured in Package Editor manifest tab<br />Still must configure permissions manua...
Demo<br />
How do I determine CAS policy?<br />Google<br />Reflector<br />Exceptions<br />DotNetMafia.com<br />
<CodeAccessSecurity><br />Element in trust configuration file that defines which CAS Policies apply to each assembly<br />...
<IPermission><br />AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls<br />SharePointPermission (Ob...
What the solution package does<br />Backs up your web.config<br />Changes the trust element to WSS_Custom in web.config<br...
Demo<br />
Sandboxed Solutions<br />Variation of Code Access Security but more restrictive<br />Permissions configured in wss_UserCod...
Demo<br />
What requires full trust?<br />Event Receivers<br />Visual Web Parts<br />Timer Jobs<br />PowerShell commandlets<br />STSA...
Questions?<br />
Thank you sponsors!!<br />
2 HP Netbook’s<br />Also Tons of books<br />2 thinkgeekgiftcards for $100 <br />Telerikrad controls set<br />2 licenses of...
Thanks<br />Corey Roth<br />E-mail: coreyroth@gmail.com<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
Upcoming SlideShare
Loading in...5
×

Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

1,809

Published on

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,809
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Partial trust vs. Full Trust
  • Demo code of web part.
  • Demo CAS by adding APTCA attribute and Manifest.xml configuration.
  • SecurityPermission class controlled by SecurityPermissionFlagenum.EnvironmentPermission - EnvironmentPermissionAccess (NoAccess, Read, Write, AllAccess)SqlClientPermission - DBDataPermissionAttribute (AllowBlankPassword, ConnectionString)FileIOPermission - FileIOPermissionAttribute (Read, Write, PathDiscovery, Append)EventLogPermission - EventLogPermissionAttribute (MachineName, Unrestricted)ConfigurationPermission - Unrestricted OnlyReflectionPermission - Needed for LINQAspNetHostingPermission - Needed for ControlsSharePointPermission - ObjectModel = True (Unrestricted = true) sometimes
  • Show web.config and partial trust config files.
  • Demo sandboxed solutions.
  • Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

    1. 1. Deploying binaries to the bin folder<br />Partially Trusted Code in SharePoint<br />Corey Roth<br />Stonebridge<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
    2. 2. Corey Roth<br />Consultant for Stonebridge in Tulsa, OK<br />Worked in Consumer Electronics, Travel, Advertising, and Energy industries<br />Currently doing SharePoint development specializing in Enterprise Search<br />Microsoft Solutions Advocate<br />Microsoft Award for Customer Excellence (ACE) Winner<br />E-mail: coreyroth@gmail.com<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
    3. 3. What is Partial Trust?<br />
    4. 4. Why use Partial Trust?<br />More Secure<br />Allows deployment of assemblies to bin folder<br />Deployment doesn’t require an Application Pool reset<br />Doesn’t require giving every deployed DLL full trust<br />
    5. 5. Demo<br />
    6. 6. Implementing Partial Trust<br />Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs<br />Set <trust Level=“Minimal” originUrl=“” /> in web.config<br />Define Security Policy in Trust configuration file<br />Security policy can be deployed via solution package (.wsp) using manifest.xml<br />PowerShell: Install with Install-SPSolution and –CASPolicies parameter<br />WSS3: Install with stsadm and –allowCasPolicies parameter<br />
    7. 7. Visual Studio 2010<br />CAS policies configured in Package Editor manifest tab<br />Still must configure permissions manually<br />Set Assembly Deployment Target to WebApplication on project properties<br />
    8. 8. Demo<br />
    9. 9. How do I determine CAS policy?<br />Google<br />Reflector<br />Exceptions<br />DotNetMafia.com<br />
    10. 10. <CodeAccessSecurity><br />Element in trust configuration file that defines which CAS Policies apply to each assembly<br /><IPermission> element defines individual rights to resources such as ASP.NET, SharePoint, EventLog, Configuration, SQL Server, File I/O<br />Can be copied to configuration file manually or deployed via solution package (wsp)<br />
    11. 11. <IPermission><br />AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls<br />SharePointPermission (ObjectModel=“True”) – Required to use SharePoint API<br />FileIOPermission (Read, Write, PathDiscovery, Append) – Specifies files the code can access - $AppDir$ by default<br />SqlClientPermission – Required to access SQL Server<br />ReflectionPermission – Required for LINQ<br />SecurityPermission – Required for most basic operations<br />EnvironmentPermission – Provides access to environment variables<br />
    12. 12. What the solution package does<br />Backs up your web.config<br />Changes the trust element to WSS_Custom in web.config<br />Backs up trust configuration file – wss_minimaltrust.config becomes wss_custom_wss_minimaltrust.config<br />Changes the path to the trust configuration file in the web.config <trustLevel> element<br />Adds code access security settings from manifest.xml<br />
    13. 13. Demo<br />
    14. 14. Sandboxed Solutions<br />Variation of Code Access Security but more restrictive<br />Permissions configured in wss_UserCode.xml in the 14CONFIG folder<br />Only allows use of ASP.NET controls and some of the SharePoint object model<br />
    15. 15. Demo<br />
    16. 16. What requires full trust?<br />Event Receivers<br />Visual Web Parts<br />Timer Jobs<br />PowerShell commandlets<br />STSADM Commands<br />
    17. 17. Questions?<br />
    18. 18. Thank you sponsors!!<br />
    19. 19. 2 HP Netbook’s<br />Also Tons of books<br />2 thinkgeekgiftcards for $100 <br />Telerikrad controls set<br />2 licenses of essential user interface studio<br />1 webcast from critical path<br />Microsoft Zune<br />
    20. 20. Thanks<br />Corey Roth<br />E-mail: coreyroth@gmail.com<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×