Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

1,865
-1

Published on

Slides from my talk at SharePoint Saturday Kansas City December 2009 about deploying partially trusted code in SharePoint 2010.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,865
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Partial trust vs. Full Trust
  • Demo code of web part.
  • Demo CAS by adding APTCA attribute and Manifest.xml configuration.
  • SecurityPermission class controlled by SecurityPermissionFlagenum.EnvironmentPermission - EnvironmentPermissionAccess (NoAccess, Read, Write, AllAccess)SqlClientPermission - DBDataPermissionAttribute (AllowBlankPassword, ConnectionString)FileIOPermission - FileIOPermissionAttribute (Read, Write, PathDiscovery, Append)EventLogPermission - EventLogPermissionAttribute (MachineName, Unrestricted)ConfigurationPermission - Unrestricted OnlyReflectionPermission - Needed for LINQAspNetHostingPermission - Needed for ControlsSharePointPermission - ObjectModel = True (Unrestricted = true) sometimes
  • Show web.config and partial trust config files.
  • Demo sandboxed solutions.
  • Deploying Binaries To The Bin Folder Share Point Saturday Kc 2009

    1. 1. Deploying binaries to the bin folder<br />Partially Trusted Code in SharePoint<br />Corey Roth<br />Stonebridge<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
    2. 2. Corey Roth<br />Consultant for Stonebridge in Tulsa, OK<br />Worked in Consumer Electronics, Travel, Advertising, and Energy industries<br />Currently doing SharePoint development specializing in Enterprise Search<br />Microsoft Solutions Advocate<br />Microsoft Award for Customer Excellence (ACE) Winner<br />E-mail: coreyroth@gmail.com<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />
    3. 3. What is Partial Trust?<br />
    4. 4. Why use Partial Trust?<br />More Secure<br />Allows deployment of assemblies to bin folder<br />Deployment doesn’t require an Application Pool reset<br />Doesn’t require giving every deployed DLL full trust<br />
    5. 5. Demo<br />
    6. 6. Implementing Partial Trust<br />Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs<br />Set <trust Level=“Minimal” originUrl=“” /> in web.config<br />Define Security Policy in Trust configuration file<br />Security policy can be deployed via solution package (.wsp) using manifest.xml<br />PowerShell: Install with Install-SPSolution and –CASPolicies parameter<br />WSS3: Install with stsadm and –allowCasPolicies parameter<br />
    7. 7. Visual Studio 2010<br />CAS policies configured in Package Editor manifest tab<br />Still must configure permissions manually<br />Set Assembly Deployment Target to WebApplication on project properties<br />
    8. 8. Demo<br />
    9. 9. How do I determine CAS policy?<br />Google<br />Reflector<br />Exceptions<br />DotNetMafia.com<br />
    10. 10. <CodeAccessSecurity><br />Element in trust configuration file that defines which CAS Policies apply to each assembly<br /><IPermission> element defines individual rights to resources such as ASP.NET, SharePoint, EventLog, Configuration, SQL Server, File I/O<br />Can be copied to configuration file manually or deployed via solution package (wsp)<br />
    11. 11. <IPermission><br />AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls<br />SharePointPermission (ObjectModel=“True”) – Required to use SharePoint API<br />FileIOPermission (Read, Write, PathDiscovery, Append) – Specifies files the code can access - $AppDir$ by default<br />SqlClientPermission – Required to access SQL Server<br />ReflectionPermission – Required for LINQ<br />SecurityPermission – Required for most basic operations<br />EnvironmentPermission – Provides access to environment variables<br />
    12. 12. What the solution package does<br />Backs up your web.config<br />Changes the trust element to WSS_Custom in web.config<br />Backs up trust configuration file – wss_minimaltrust.config becomes wss_custom_wss_minimaltrust.config<br />Changes the path to the trust configuration file in the web.config <trustLevel> element<br />Adds code access security settings from manifest.xml<br />
    13. 13. Demo<br />
    14. 14. Sandboxed Solutions<br />Variation of Code Access Security but more restrictive<br />Permissions configured in wss_UserCode.xml in the 14CONFIG folder<br />Only allows use of ASP.NET controls and some of the SharePoint object model<br />
    15. 15. Demo<br />
    16. 16. What requires full trust?<br />Event Receivers<br />Visual Web Parts<br />Timer Jobs<br />PowerShell commandlets<br />STSADM Commands<br />
    17. 17. Questions?<br />
    18. 18. Thank you sponsors!!<br />
    19. 19. 2 HP Netbook’s<br />Also Tons of books<br />2 thinkgeekgiftcards for $100 <br />Telerikrad controls set<br />2 licenses of essential user interface studio<br />1 webcast from critical path<br />Microsoft Zune<br />
    20. 20. Thanks<br />Corey Roth<br />E-mail: coreyroth@gmail.com<br />Twitter: @coreyroth<br />Blog: www.dotnetmafia.com<br />

    ×