Your SlideShare is downloading. ×
Deploying Binaries To The Bin Folder   Share Point Saturday Kc 2009
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

1,762
views

Published on

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,762
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Partial trust vs. Full Trust
  • Demo code of web part.
  • Demo CAS by adding APTCA attribute and Manifest.xml configuration.
  • SecurityPermission class controlled by SecurityPermissionFlagenum.EnvironmentPermission - EnvironmentPermissionAccess (NoAccess, Read, Write, AllAccess)SqlClientPermission - DBDataPermissionAttribute (AllowBlankPassword, ConnectionString)FileIOPermission - FileIOPermissionAttribute (Read, Write, PathDiscovery, Append)EventLogPermission - EventLogPermissionAttribute (MachineName, Unrestricted)ConfigurationPermission - Unrestricted OnlyReflectionPermission - Needed for LINQAspNetHostingPermission - Needed for ControlsSharePointPermission - ObjectModel = True (Unrestricted = true) sometimes
  • Show web.config and partial trust config files.
  • Demo sandboxed solutions.
  • Transcript

    • 1. Deploying binaries to the bin folder
      Partially Trusted Code in SharePoint
      Corey Roth
      Stonebridge
      Twitter: @coreyroth
      Blog: www.dotnetmafia.com
    • 2. Corey Roth
      Consultant for Stonebridge in Tulsa, OK
      Worked in Consumer Electronics, Travel, Advertising, and Energy industries
      Currently doing SharePoint development specializing in Enterprise Search
      Microsoft Solutions Advocate
      Microsoft Award for Customer Excellence (ACE) Winner
      E-mail: coreyroth@gmail.com
      Twitter: @coreyroth
      Blog: www.dotnetmafia.com
    • 3. What is Partial Trust?
    • 4. Why use Partial Trust?
      More Secure
      Allows deployment of assemblies to bin folder
      Deployment doesn’t require an Application Pool reset
      Doesn’t require giving every deployed DLL full trust
    • 5. Demo
    • 6. Implementing Partial Trust
      Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs
      Set <trust Level=“Minimal” originUrl=“” /> in web.config
      Define Security Policy in Trust configuration file
      Security policy can be deployed via solution package (.wsp) using manifest.xml
      PowerShell: Install with Install-SPSolution and –CASPolicies parameter
      WSS3: Install with stsadm and –allowCasPolicies parameter
    • 7. Visual Studio 2010
      CAS policies configured in Package Editor manifest tab
      Still must configure permissions manually
      Set Assembly Deployment Target to WebApplication on project properties
    • 8. Demo
    • 9. How do I determine CAS policy?
      Google
      Reflector
      Exceptions
      DotNetMafia.com
    • 10. <CodeAccessSecurity>
      Element in trust configuration file that defines which CAS Policies apply to each assembly
      <IPermission> element defines individual rights to resources such as ASP.NET, SharePoint, EventLog, Configuration, SQL Server, File I/O
      Can be copied to configuration file manually or deployed via solution package (wsp)
    • 11. <IPermission>
      AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls
      SharePointPermission (ObjectModel=“True”) – Required to use SharePoint API
      FileIOPermission (Read, Write, PathDiscovery, Append) – Specifies files the code can access - $AppDir$ by default
      SqlClientPermission – Required to access SQL Server
      ReflectionPermission – Required for LINQ
      SecurityPermission – Required for most basic operations
      EnvironmentPermission – Provides access to environment variables
    • 12. What the solution package does
      Backs up your web.config
      Changes the trust element to WSS_Custom in web.config
      Backs up trust configuration file – wss_minimaltrust.config becomes wss_custom_wss_minimaltrust.config
      Changes the path to the trust configuration file in the web.config <trustLevel> element
      Adds code access security settings from manifest.xml
    • 13. Demo
    • 14. Sandboxed Solutions
      Variation of Code Access Security but more restrictive
      Permissions configured in wss_UserCode.xml in the 14CONFIG folder
      Only allows use of ASP.NET controls and some of the SharePoint object model
    • 15. Demo
    • 16. What requires full trust?
      Event Receivers
      Visual Web Parts
      Timer Jobs
      PowerShell commandlets
      STSADM Commands
    • 17. Questions?
    • 18. Thank you sponsors!!
    • 19. 2 HP Netbook’s
      Also Tons of books
      2 thinkgeekgiftcards for $100
      Telerikrad controls set
      2 licenses of essential user interface studio
      1 webcast from critical path
      Microsoft Zune
    • 20. Thanks
      Corey Roth
      E-mail: coreyroth@gmail.com
      Twitter: @coreyroth
      Blog: www.dotnetmafia.com