1 / 37

Developing with Microsoft SharePoint Server 2010 Sandboxed Solutions

Required Slide. SESSION CODE: OSP308. Developing with Microsoft SharePoint Server 2010 Sandboxed Solutions. Scot Hillier scot@shillier.com Scot Hillier Technical Solutions, LLC. Code for Today’s Session. http://hillier.codeplex.com http://sandbox.codeplex.com. Agenda.

niyati
Download Presentation

Developing with Microsoft SharePoint Server 2010 Sandboxed Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Required Slide SESSION CODE: OSP308 Developing with Microsoft SharePoint Server 2010 Sandboxed Solutions Scot Hillier scot@shillier.com Scot Hillier Technical Solutions, LLC

  2. Code for Today’s Session http://hillier.codeplex.com http://sandbox.codeplex.com

  3. Agenda • Why do we need Sandboxed Solutions? • What is the Sandbox? • How does the Sandbox work? • How do I build a Sandboxed Solution? • What are the restrictions on a Sandboxed Solution? • Can I get out of the Sandbox when necessary? • How are Sandboxed Solutions managed?

  4. How to Enrage SP IT Pros • Ask them to change the production farm trustLevel to Full. • Ask them to make hand edits to the web.config files in the production farm. • Forget to compile your production code in Release mode. • Forget to run SPDisposeCheck against your assemblies before deployment. • Tell them everything has to go in the GAC.

  5. Sandboxed Solutions – Why? Security & Stability BusinessAgility Totally Agile Business • Simple deployment model • Limited restrictions on developer access to farm • All resources are available to solutions • Iterative development process

  6. Sandboxed Solutions – Why? Security & Stability BusinessAgility Totally Stable & Secure • ‘Clean Room’ Datacenter • 3 week change control process • Formal code review • Severe restrictions on resource access

  7. Sandboxed Solutions – Why? Security & Stability BusinessAgility Essential Agility Essential Stability • Easy deployment • Iterative development • Safe • Limited API Access • Monitored

  8. Supported Solutions • Content Types, Site Columns • Custom Actions • Declarative Workflows • Event Receivers, Feature Receivers • InfoPath Forms Services (not admin-appr)JavaScript, AJAX, jQuery, Silverlight • List Definitions • Non-visual web parts • Site Pages • SharePoint OnLine

  9. Key Limitations • Sandboxed Solution runs in sandbox. Other artifacts like lists and declarative workflows run with full trust because they have no code. • User identity is lost when running in the sandbox • Business Connectivity Services requires Secure Store Service if identity is required • Must run worker process as managed account to use SSS • Script Manager, Page-level variables, web-part connections unavailable because solution doesn’t really run on the page.

  10. The Sandbox • A separate process where the solution runs • Exposes a subset of Microsoft.SharePoint • Code Access Security policy limits functionality • Site Collection Solution Gallery for deployment • Central Administration for managing and monitoring solutions

  11. A Separate Process • User Code Service(SPUCHostService.exe) • Sandbox Worker Process(SPUCWorkerProcess.exe) • Sandbox Worker Process Proxy(SPUCWorkerProcessProxy.exe)

  12. A Subset of Microsoft.SharePoint • Microsoft.SharePointExcept • SPSite constructor • SPSecurity object • SPWorkItem and SPWorkItemCollection objects • SPAlertCollection.Addmethod • SPAlertTemplateCollection.Add method • SPUserSolution and SPUserSolutionCollection objects • SPTransformUtilities • Microsoft.SharePoint.Navigation • Microsoft.SharePoint.UtilitiesExcept • SPUtility.SendEmail method • SPUtility.GetNTFullNameandEmailFromLogin method • Microsoft.SharePoint.Workflow • Microsoft.SharePoint.WebPartPagesExcept • SPWebPartManager object • SPWebPartConnection object • WebPartZone object • WebPartPage object • ToolPane object • ToolPart object

  13. Code Access Security Policy • SharePointPermission.ObjectModel • SecurityPermission.Execution • AspNetHostingPermission.Level = Minimal Note: Several approaches can be used to “break out” of the Sandbox

  14. Solution Gallery • Site Collection Library • Located at _catalogs/solutions • Upload, activate, deactivate

  15. Central Administration • Solution Administration • Block Solutions • Quota Templates • Resource Monitoring

  16. Basics Creating Sandboxed Solutions DEMO

  17. Sandbox Architecture FRONT END HOST SERVER Execution Manager(Inside Application Pool) Host Services (SPUCHostService.exe) Worker Service (SPUCWorkerProcess.exe) IIS(WPW3.EXE) Untrusted Code Subset Object Model Proxy Microsoft.SharePoint.dll

  18. Sandbox Architecture FRONT END HOST SERVER Execution Manager(Inside Application Pool) Host Services (SPUCHostService.exe) Worker Service (SPUCWorkerProcess.exe) IIS(W3WP.EXE) Untrusted Code Subset Object Model Proxy Subset-Model Request Microsoft.SharePoint.dll

  19. Sandbox Architecture FRONT END HOST SERVER Execution Manager(Inside Application Pool) Host Services (SPUCHostService.exe) Worker Service (SPUCWorkerProcess.exe) IIS(W3WP.EXE) Untrusted Code Subset Object Model Proxy Full-Model Request Microsoft.SharePoint.dll

  20. Sandbox Architecture FRONT END HOST SERVER Execution Manager(Inside Application Pool) Host Services (SPUCHostService.exe) Worker Service (SPUCWorkerProcess.exe) IIS(W3WP.EXE) • while(true) • { • //Do a Bad Bad Thing! • } Run for 30sec Untrusted Code Subset Object Model Proxy Resource Wasting Call Microsoft.SharePoint.dll

  21. Full-Trust Proxy Worker Service (SPUCWorkerProcess.exe) GAC SPProxyOperationsArgs SPProxyOperationsArgs SPProxyOperation SPUtility SecuredResource

  22. Client-Side Solutions Worker Service (SPUCWorkerProcess.exe) Silverlight App Silverlight Web Part Host Uncustomized Page JavaScript Web Service (or Client OM) SecuredResource

  23. Breaking-Out of the Sandbox Full-trust and Client-Side Solutions DEMO

  24. Administration

  25. Load Balancing Partial Trust can be run in two modes • Local Mode • Execute code on WFE • Low administration overhead • Lower scalability • Remote mode • Execute on back-end farm machine • Load balanced distribution of code execution requests • Create custom Load balancers

  26. Solution Monitoring • Farm Administrators • Set absolute limits • Site Administrators • Identify expensive solutions Server Resources: CPU, Memory, SQL, Exceptions, Critical Errors, Handles, Threads, …

  27. Resource Quotas Central Admin Solution Gallery Measured in ‘Resource Points’

  28. Administration DEMO

  29. Summary • Sandboxed Solutions greatly improve farm stability • The Sandbox is a separate process where our applications run • The Sandbox has OM and CAS restrictions • Many solution types are supported • Full-Trust Proxies and client-side solutions allow access to resources • Developers create, Site Collection admins install, Farm admins manage

  30. Play the Microsoft Office & SharePoint Track Tag Contest Download the Microsoft Tag Reader Open the internet browser on your mobile phone and visit http://gettag.mobi Grand Prize (1) Xbox 360 Prize Package and Microsoft® Office 2010 Daily Prizes 40 copies of Microsoft® Office 2010 Come to the Expo Hall – Yellow Section OSP Info Desk for Official Rules & Collect Additional Tags from all OSP Track Sessions, Speakers and Expo Hall!

  31. Required Slide Track PMs will supply the content for this slide, which will be inserted during the final scrub. Track Resources • For More Information – http://sharepoint.microsoft.com • SharePoint Developer Center – http://msdn.microsoft.com/sharepoint • SharePoint Tech Center – http://technet.microsoft.com/sharepoint • Official SharePoint Team Blog – http://blogs.msdn.com/sharepoint

  32. Required Slide Speakers, please list the Breakout Sessions, Interactive Sessions, Labs and Demo Stations that are related to your session. Related Content • Breakout Sessions – See Conference Guide for full list of OSP Track Sessions • Interactive Sessions – OSP Track has 10 Interactive Sessions – OSP01-INT – OSP10-INT • Hands-on Labs – OSP01-HOL – OSP20-HOL • Product Demo Stations – Yellow Section, OSP • Office 2010, SharePoint 2010, Project Server 2010, Visio 2010 have kiosks and demos

  33. Required Slide Resources Learning • Sessions On-Demand & Community • Microsoft Certification & Training Resources www.microsoft.com/teched www.microsoft.com/learning • Resources for IT Professionals • Resources for Developers • http://microsoft.com/technet • http://microsoft.com/msdn

  34. Required Slide Complete an evaluation on CommNet and enter to win!

  35. Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st http://northamerica.msteched.com/registration You can also register at the North America 2011 kiosk located at registrationJoin us in Atlanta next year

  36. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

  37. Required Slide

More Related