Deploying Binaries To The Bin Folder   Share Point Saturday Kc 2009
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

on

  • 2,450 views

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Statistics

Views

Total Views
2,450
Views on SlideShare
2,426
Embed Views
24

Actions

Likes
0
Downloads
13
Comments
0

8 Embeds 24

http://todosharepoint.blogspot.com 12
http://www.slideshare.net 3
http://todosharepoint.blogspot.com.es 3
http://todosharepoint.blogspot.be 2
http://todosharepoint.blogspot.com.ar 1
http://todosharepoint.blogspot.mx 1
http://todosharepoint.blogspot.ch 1
http://todosharepoint.blogspot.tw 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Partial trust vs. Full Trust
  • Demo code of web part.
  • Demo CAS by adding APTCA attribute and Manifest.xml configuration.
  • SecurityPermission class controlled by SecurityPermissionFlagenum.EnvironmentPermission - EnvironmentPermissionAccess (NoAccess, Read, Write, AllAccess)SqlClientPermission - DBDataPermissionAttribute (AllowBlankPassword, ConnectionString)FileIOPermission - FileIOPermissionAttribute (Read, Write, PathDiscovery, Append)EventLogPermission - EventLogPermissionAttribute (MachineName, Unrestricted)ConfigurationPermission - Unrestricted OnlyReflectionPermission - Needed for LINQAspNetHostingPermission - Needed for ControlsSharePointPermission - ObjectModel = True (Unrestricted = true) sometimes
  • Show web.config and partial trust config files.
  • Demo sandboxed solutions.

Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009 Presentation Transcript

  • 1. Deploying binaries to the bin folder
    Partially Trusted Code in SharePoint
    Corey Roth
    Stonebridge
    Twitter: @coreyroth
    Blog: www.dotnetmafia.com
  • 2. Corey Roth
    Consultant for Stonebridge in Tulsa, OK
    Worked in Consumer Electronics, Travel, Advertising, and Energy industries
    Currently doing SharePoint development specializing in Enterprise Search
    Microsoft Solutions Advocate
    Microsoft Award for Customer Excellence (ACE) Winner
    E-mail: coreyroth@gmail.com
    Twitter: @coreyroth
    Blog: www.dotnetmafia.com
  • 3. What is Partial Trust?
  • 4. Why use Partial Trust?
    More Secure
    Allows deployment of assemblies to bin folder
    Deployment doesn’t require an Application Pool reset
    Doesn’t require giving every deployed DLL full trust
  • 5. Demo
  • 6. Implementing Partial Trust
    Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs
    Set <trust Level=“Minimal” originUrl=“” /> in web.config
    Define Security Policy in Trust configuration file
    Security policy can be deployed via solution package (.wsp) using manifest.xml
    PowerShell: Install with Install-SPSolution and –CASPolicies parameter
    WSS3: Install with stsadm and –allowCasPolicies parameter
  • 7. Visual Studio 2010
    CAS policies configured in Package Editor manifest tab
    Still must configure permissions manually
    Set Assembly Deployment Target to WebApplication on project properties
  • 8. Demo
  • 9. How do I determine CAS policy?
    Google
    Reflector
    Exceptions
    DotNetMafia.com
  • 10. <CodeAccessSecurity>
    Element in trust configuration file that defines which CAS Policies apply to each assembly
    <IPermission> element defines individual rights to resources such as ASP.NET, SharePoint, EventLog, Configuration, SQL Server, File I/O
    Can be copied to configuration file manually or deployed via solution package (wsp)
  • 11. <IPermission>
    AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls
    SharePointPermission (ObjectModel=“True”) – Required to use SharePoint API
    FileIOPermission (Read, Write, PathDiscovery, Append) – Specifies files the code can access - $AppDir$ by default
    SqlClientPermission – Required to access SQL Server
    ReflectionPermission – Required for LINQ
    SecurityPermission – Required for most basic operations
    EnvironmentPermission – Provides access to environment variables
  • 12. What the solution package does
    Backs up your web.config
    Changes the trust element to WSS_Custom in web.config
    Backs up trust configuration file – wss_minimaltrust.config becomes wss_custom_wss_minimaltrust.config
    Changes the path to the trust configuration file in the web.config <trustLevel> element
    Adds code access security settings from manifest.xml
  • 13. Demo
  • 14. Sandboxed Solutions
    Variation of Code Access Security but more restrictive
    Permissions configured in wss_UserCode.xml in the 14CONFIG folder
    Only allows use of ASP.NET controls and some of the SharePoint object model
  • 15. Demo
  • 16. What requires full trust?
    Event Receivers
    Visual Web Parts
    Timer Jobs
    PowerShell commandlets
    STSADM Commands
  • 17. Questions?
  • 18. Thank you sponsors!!
  • 19. 2 HP Netbook’s
    Also Tons of books
    2 thinkgeekgiftcards for $100
    Telerikrad controls set
    2 licenses of essential user interface studio
    1 webcast from critical path
    Microsoft Zune
  • 20. Thanks
    Corey Roth
    E-mail: coreyroth@gmail.com
    Twitter: @coreyroth
    Blog: www.dotnetmafia.com