Mostafa Elzoghbi: SharePoint 2010 Sandbox Solutions Best Practices


Published on

1 Comment
1 Like
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • MostafaElzoghbiMetroStar SystemsSr. Software EngineerMCAD,MCSD,MCTS,C# MVP
  • In this demo will show:Use VS 2010 to create sandbox solutions.Deploy and configuration on the Sandbox solutions.Test deploy the sandbox solution.Go through the prerequisites to enable user code service on your farm. Enable User code service in your farm-- Tips: Don’t use WSP Builder menu for Sandbox solutions, use Retract,Deply…etc options from the Project properties menu.Try to do a change in UI and redeploy your wsp, the old webpart UI still cached, Resolve: Remove the webpart from webpart gallery.
  • Inert: Not effectiveIt’s called also : Sandbox Solution model process: 4 phases: Upload stageActivation stageDeactivation stage: pages with web parts will shows an error message.Delete Stage: cant be deleted if the solution is activated. If deleted it goes to the site recycle bin and can be deleted or restored.Upgrade Stage
  • Activate/ Deactivate/ Delete and restore.
  • Path for the configuration for the sandbox solution is:C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions14CONFIGFile name: wss_usercode.config
  • How to get VS 2010 SP power tools:From VS tools -> Extension manager and Top Ranked Extensions.
  • Open SPSNYCDemo2Try to build - > Get an error since the SPSecurity in not available in sandbox solutions.Change the project target to farm solution and try to build -> 0 errors.This is only applied on: VS 2010 Power tools. This is your validation for Sandbox solutions.Details:
  • To show how to load balance the sandbox solutions:Central AdministrationSystem SettingsManage User Solutions All user requests will be executed on the same machine - >Users’ requests are routed using solution affinity.Try to blocksharepoint solution and navigate to the webpart page. You will see the block message is appearing.
  • Farm solution.
  • Only 14 metric:
  • From Central admin -> application management -> Configure quotas and locks
  • Mostafa Elzoghbi: SharePoint 2010 Sandbox Solutions Best Practices

    1. 1. SP 2010 Sandboxed Solutions <br />MostafaElzoghbi<br />Sr. Software Engineer - C# MVP<br />MetroStar Systems<br />
    2. 2. Agenda<br />Sandbox Solutions Overview<br />SharePoint 2007 Challenges for Farm Solutions<br />SharePoint 2010 Approach for Sandbox Solutions<br />Sandbox Solutions Lifecycle<br />Executing Code in the Sandbox<br />Sandbox Solutions Limitations<br />Sandbox Resource Monitoring<br />Load balancing Sandbox solutions<br />Solution Validation<br />
    3. 3. Overview of the Sandbox<br />Allows a subset of the full capabilities in the SharePoint API<br />Secure – enforcing the sandbox<br />Execute in a partially trusted environment<br />Code executes in a special service process<br />Subject to CAS<br />Validation framework<br />Provides way to do custom farm wide validation for the deployed packages<br />Each solution is isolated to its site collection<br />
    4. 4. Defining the Sandbox<br />Solution Administration - Quota/Blocked Solutions<br />Subset Object Model<br />External Process<br />Code Access Security (CAS Policies)<br />
    5. 5. SharePoint 2007 Challenge<br />Developers build custom solutions<br />Administrators can only secure solutions with CAS<br />Hard to control what is being done in custom code<br />Biggest cause of SharePoint support cases: custom code<br />
    6. 6. SharePoint 2010 Approach<br />Developers build custom solutions<br />Site collection owners deploy, activate and implement the customizations<br />Administrators leverage resource monitors to check site collection usage<br />Automatic triggers “turn off” custom solutions in a site collection that are too expensive and taxing on the server<br />
    7. 7. Sandboxed Solutions Help Enterprises<br />Sandboxed solutions are important because<br />Hosted environments much easier to manage<br />Reduces time to deploying custom solutions<br />Removing process of getting code approved and deployed by IT (Dev-Staging-Production)<br />Improves stability of SharePoint servers<br />Now badly performing code isolated to site collection rather than potentially bringing down an entire server<br />
    8. 8. Create/Deploy Sandbox solution<br />demo <br />
    9. 9. Site Collection Administration<br />Solution Gallery -- _catalogs/solutions<br />Empower Site Collection administrators<br />
    10. 10. Sandboxed Solution Lifecycle<br />
    11. 11. Managing Sandbox Solutions<br />demo <br />
    12. 12. Solution Administration<br />Central Administration<br />Block Solutions<br />Quota Templates<br />
    13. 13. The Subset Object Model<br />SPSite<br />In general<br />SPSite and below<br />No SPSecurity<br />No SPSite construction<br />Common namespaces not available<br />Microsoft.SharePoint.Administration<br />Microsoft.SharePoint.WebControls<br />SPWeb<br />SPList<br />SPListItem<br />
    14. 14. A Separate Process<br />User Code Service : Started where WFE configured to run sandbox solutions.(SPUCHostService.exe)<br />Sandbox Worker Process: where your actual code runs(SPUCWorkerProcess.exe)<br />Sandbox Worker Process Proxy(SPUCWorkerProcessProxy.exe)<br />
    15. 15. Sandbox and Code Access Security<br />AspNetHostingPermission, Level=Minimal<br />SharePointPermission, ObjectModel=true<br />SecurityPermission, Flags=Execution<br />Sandbox<br />My.dll<br />wss_usercode.config<br />Other.dll<br />System DLL<br />SharePoint DLL<br />Full Trust<br />SharePoint OM<br />Subset OM<br />
    16. 16. Front end<br />Back end<br />Host Service<br />ExecutionManager<br />Sandboxing Architecture<br />Worker Process<br />Untrusted Code<br />Subset Object Model<br />Full Object Model<br />
    17. 17. Sandboxed Solutions Process<br />2<br />1<br />5<br />6<br />7<br />4<br />3<br />Per-WFE AssemblyCache<br />RootSPWeb of SPSite<br /><siteguid>company.intranet.webpart.wspfoo.dll<br />Solution gallery<br />Web Part gallery<br />Sandboxed Worker Process<br />WebParts.wsp<br />
    18. 18. Types of Sandboxed Solutions<br />Sandboxed Solutions Support<br />Sandboxed solutions offer developers a subset of the SharePoint API available fully trusted solutions<br />Site collection and site scoped Features<br />Many XML constructs available: Modules, Lists, ContentTypes, etc.<br />Client technologies to access external data – JavaScript, Silverlight etc.<br />Offloading resource usage and access handling to client<br />
    19. 19. Best Practices: Sandbox Boundaries <br />Off-box connections, http, web services, etc<br /><br />Enterprise features (Search, BCS, etc.)<br />Threading  (No complex processing)<br />P-Invoke<br />IO<br />Other sites<br />x<br />x<br />x<br />x<br />x<br />x<br />x<br />
    20. 20. Compiling vs. Executing Sandboxed Solutions<br />Visual Studio 2010uses IntelliSense tohide full-trust types<br />All code is compiled against the full API<br />Thus, no “sandbox” check at compile time… only at runtime<br />Workaround: change the Microsoft.SharePoint.dll project reference to reference the sandbox’s version<br />[..]14UserCodeAssembliesMicrosoft.SharePoint.dll<br />NOTE: Switch it back before deployment!<br />Use this as a temporary test - do not deploy code that references the sandbox’s assembly<br /> This is valid if you don’t have VS 2010 SP Power tools.<br />MyWebPart.dll<br />Runtime<br />Full Object Model<br />Subset Object Model<br />Proxy<br />
    21. 21. Execution vs. Compilation in Sandbox<br />Demo <br />
    22. 22. Load Balancing<br />Sandboxed solutions can be run in two modes<br />Local Mode<br />Execute code on the SharePoint WFE<br />Low administration overhead<br />Lower scalability<br />Remote Mode<br />Execution on back-end farm machine<br />Via dedicated service applications<br />Load balanced distribution of code execution requests<br />
    23. 23. Load balancing Sandbox Solutions & Blocking<br />demo <br />
    24. 24. Solution Validation<br />[GuidAttribute("34805697-1FC4-4b66-AF09-AB48AC0F9D97")]<br />publicclassPublisherValidator:SPSolutionValidator{<br />publicoverridevoidValidateSolution(<br />SPSolutionValidationProperties properties){<br />properties.Valid = [true || false];<br />properties.ValidationErrorMessage = “no soup for you”;<br />}<br />publicoverridevoidValidateAssembly(<br />SPSolutionValidationPropertiesproperties,<br />SPSolutionFileassembly){<br />}<br />}<br />
    25. 25. Solution Validator<br />demo <br />
    26. 26. Monitored Resources<br />You can tweak these values to fit your need…<br />
    27. 27. Manage Sandbox solution resources<br />demo <br />
    28. 28. Summary<br />Sandbox Solutions Overview<br />SharePoint 2007 Challenges for Farm Solutions<br />SharePoint 2010 Approach for Sandbox Solutions<br />Sandbox Solutions Lifecycle<br />Executing Code in the Sandbox<br />Sandbox Solutions Limitations<br />Sandbox Resource Monitoring<br />Load balancing Sandbox solutions<br />Solution Validation<br />
    29. 29. Blog:<br />Twitter: @mostafaelzoghbi<br />