Implemting Partial Trust in SharePoint<br />Presenter: Corey Roth<br />Enterprise Consultant<br />Stonebridge<br />Blog: w...
Corey Roth<br />Consultant for Stonebridge<br />Worked in Consumer Electronics, Travel, Advertising, and Energy industries...
Beer and Code Meetup Tonight!<br />Tonight at Dirty Tavern (325 W 2nd) around 6pm after TechFest<br />Come talk with other...
SharePint – A SharePoint Meetup<br />Next Thursday at Crawpappy’s (51st and Harvard)<br />Come talk with other SharePoint ...
What is Partial Trust?<br />
Why use Partial Trust<br />More Secure<br />Doesn’t require giving every deployed DLL full trust<br />Allows deployment of...
Demo<br />
Implementing Partial Trust<br />Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs<br />Set <trust Level=“M...
Demo<br />
What the Solution Package does…<br />Backs up your web.config<br />Changes the trust element to WSS_Custom in web.config<b...
<CodeAccessSecurity><br />Element in trust configuration file that defines which CAS Policies apply to each assembly<br />...
<IPermission><br />AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls<br />SharePointPermission (Ob...
What requires Full Trust?<br />Item Event Receivers<br />Timer Jobs<br />STSADM Commands<br />
Questions?<br />
Don’t Forget!<br />Beer and Code Meetup Tonight at Dirty’s Tavern (325 E 2nd)<br />SharePintMeetup – This Thursday October...
Thanks<br />Corey Roth<br />coreyroth@gmail.com<br />www.dotnetmafia.com<br />
Upcoming SlideShare
Loading in...5
×

Implementing Partial Trust In Share Point

2,081
-1

Published on

Slides from my talk at Tulsa School of Dev about Implementing partially trusted code using code access security policies in SharePoint.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,081
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
17
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Partial trust vs. Full Trust
  • Demo the first web part without CAS.
  • Demo CAS by adding APTCA attribute and Manifest.xml configuration.
  • Demo the use of BDC Tools, the MetaData Model and the Import Process
  • Implementing Partial Trust In Share Point

    1. 1. Implemting Partial Trust in SharePoint<br />Presenter: Corey Roth<br />Enterprise Consultant<br />Stonebridge<br />Blog: www.dotnetmafia.com<br />
    2. 2. Corey Roth<br />Consultant for Stonebridge<br />Worked in Consumer Electronics, Travel, Advertising, and Energy industries<br />Currently doing MOSS development specializing in Enterprise Search and ECM<br />OSU Graduate<br />Microsoft Award for Customer Excellence (ACE) Winner<br />E-mail: corey.roth@gmail.com<br />Blog: www.dotnetmafia.com (mirrored on sharepointblogs.com)<br />
    3. 3. Beer and Code Meetup Tonight!<br />Tonight at Dirty Tavern (325 W 2nd) around 6pm after TechFest<br />Come talk with other IT professionals about .NET, C#, Agile, SharePoint, Ruby and more<br />Downtown – Just minutes from TechFest<br />Now you have something to do tonight!<br />
    4. 4. SharePint – A SharePoint Meetup<br />Next Thursday at Crawpappy’s (51st and Harvard)<br />Come talk with other SharePoint developers in a casual setting<br />Great place to talk to others about best practices and your latest SharePoint issues<br />No presentations or slides<br />Not a User Group<br />All are welcome!<br />
    5. 5. What is Partial Trust?<br />
    6. 6. Why use Partial Trust<br />More Secure<br />Doesn’t require giving every deployed DLL full trust<br />Allows deployment of assemblies to bin folder<br />Deployment doesn’t require an Application Pool reset<br />
    7. 7. Demo<br />
    8. 8. Implementing Partial Trust<br />Add [Assembly: AllowParitallyTrustedCallers()] to AssemblyInfo.cs<br />Set <trust Level=“Minimal” originUrl=“” /> in web.config<br />Define Security Policy in Trust configuration file<br />Security policy can be deployed via solution package (.wsp)<br />Install solution files with –allowCasPolicies parameter<br />
    9. 9. Demo<br />
    10. 10. What the Solution Package does…<br />Backs up your web.config<br />Changes the trust element to WSS_Custom in web.config<br />Backs up trust configuration file – wss_minimaltrust.config becomes wss_custom_wss_minimaltrust.config<br />Changes the path to the trust configuration file in the web.config <trustLevel> element<br />Adds code access security settings from manifest.xml<br />
    11. 11. <CodeAccessSecurity><br />Element in trust configuration file that defines which CAS Policies apply to each assembly<br /><IPermission> element defines individual rights to resources such as ASP.NET, SharePoint, EventLog, Configuration, SQL Server, File I/O<br />Can be copied to configuration file manually or deployed via solution package (wsp)<br /><IPermission class="Microsoft.SharePoint.Security.SharePointPermission, <br />Microsoft.SharePoint.Security, Version=12.0.0.0, <br />Culture=neutral, PublicKeyToken=71e9bce111e9429c"<br /> version="1" ObjectModel="True" /><br />
    12. 12. <IPermission><br />AspNetHostingPermission (Level=“Minimal”) – Required for ASP.NET Controls<br />SharePointPermission (ObjectModel=“True”) – Required to use SharePoint API<br />FileIOPermission (Read, Write, PathDiscovery, Append) – Specifies files the code can access - $AppDir$ by default<br />SqlClientPermission – Required to access SQL Server<br />ReflectionPermission – Required for LINQ<br />SecurityPermission – Required for most basic operations<br />EnvironmentPermission – Provides access to environment variables<br />
    13. 13. What requires Full Trust?<br />Item Event Receivers<br />Timer Jobs<br />STSADM Commands<br />
    14. 14. Questions?<br />
    15. 15. Don’t Forget!<br />Beer and Code Meetup Tonight at Dirty’s Tavern (325 E 2nd)<br />SharePintMeetup – This Thursday October 16th at Crawpappy’s (51st and Harvard) at 6pm<br />
    16. 16. Thanks<br />Corey Roth<br />coreyroth@gmail.com<br />www.dotnetmafia.com<br />
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×