Download
1 / 25
250 likes | 378 Vues
Join Scott Jamison, Managing Partner at Jornata LLC, to explore the importance of Sandboxed Solutions in SharePoint 2010. In this session, we delve into why Sandboxed Solutions enhance security and stability while enabling business agility. Learn how to build, deploy, and manage these solutions effectively, with insights on iterative development processes, limited API access, and best practices. Discover how centralized administration and resource monitoring can ensure optimal performance and security in your SharePoint environment.
E N D
Building Sandbox Solutions for SharePoint 2010 • Scott Jamison • Managing Partner, Jornata LLC • scott.jamison@jornata.com
Session Info • Part 1: Why Sandboxed Solutions? • Part 2: Building and Deploying a Sandboxed Solution • Part 3: Managing Sandboxed Solutions
Issues With SharePoint Solutions • Non-code solutions (SPD, Lists) are easy to deploy but are limited • Code-based solutions require either: • Lengthy deployment process (not agile), or • Developer access to production (not safe)
Sandboxed Solutions – Why? Security & Stability BusinessAgility Totally Agile Business • Simple deployment model • Limited restrictions on developer access to farm • All resources are available to solutions • Iterative development process
Sandboxed Solutions – Why? Security & Stability BusinessAgility Totally Stable & Secure • ‘Clean Room’ Datacenter • 3 week change control process • Formal code review • Severe restrictions on resource access
Sandboxed Solutions – Why? Security & Stability BusinessAgility Essential Agility Essential Stability • Easy deployment • Iterative development • Safe • Limited API Access • Monitored
Farm Solutions vs User Soluitons • Farm Solution: Code is deployed in the solution store via stsadm –o addsolution, just like in MOSS 2007 • User Solution: Code is uploaded via the solutions gallery directly by the user/developer • a.k.a. ‘Sandboxed Solutions’
What is a ‘Sandbox’? • A separate process for the Sandboxed solutions • Limited functionality: • Subset of Microsoft.SharePoint API • Code Access Security policy • Gallery for deployment • Site Collection Solution Gallery • Administration for managing/monitoring solutions • Central administration
A Separate Process • User Code Service(SPUCHostService.exe) • Sandbox Worker Process(SPUCWorkerProcess.exe) • Sandbox Worker Process Proxy(SPUCWorkerProcessProxy.exe)
A Subset of Microsoft.SharePoint API In concept: From the site collection down • Microsoft.SharePointExcept • SPSite constructor • SPSecurity object • SPWorkItem and SPWorkItemCollection objects • SPAlertCollection.Addmethod • SPAlertTemplateCollection.Add method • SPUserSolution and SPUserSolutionCollection objects • SPTransformUtilities • Microsoft.SharePoint.Navigation • Microsoft.SharePoint.UtilitiesExcept • SPUtility.SendEmail method • SPUtility.GetNTFullNameandEmailFromLogin method • Microsoft.SharePoint.Workflow • Microsoft.SharePoint.WebPartPagesExcept • SPWebPartManager object • SPWebPartConnection object • WebPartZone object • WebPartPage object • ToolPane object • ToolPart object
Code Access Security Policy • SharePointPermission.ObjectModel • SecurityPermission.Execution • AspNetHostingPermission.Level = Minimal Note: A fully-trusted “proxy class” can be created to gain access to additional resources
Solution Gallery • Site Collection library located at /_catalogs/solutions • Upload, delete, activate, deactivate, upgrade solutions
DEMO Building and Deploying a Sandboxed Solution
Supported Solution Types • Content Types, Site Columns • Custom Actions • Declarative Workflows • Event Receivers, Feature Receivers • InfoPath Forms Services (not admin-appr)JavaScript, AJAX, jQuery, Silverlight • List Definitions • Non-visual web parts • Site Pages • SharePoint OnLine
Central Administration • Farm ManagementManage User Solutions • Block Solutions • Configure Load Balancing
Central Administration • Farm ManagementSite Collection Quotas • Quotas • Locks
Load Balancing Partial Trust can run in one of two modes • Local Mode • Execute code on WFE • Low administration overhead • Lower scalability • Remote mode • Execute on back-end farm machine • Load balanced distribution of code execution requests • Create custom Load balancers
Solution Monitoring • Farm Administrators • Set absolute limits • Site Administrators • Identify expensive solutions SharePoint Tracks Server Resources: CPU, Memory, SQL, Exceptions, Critical Errors, Handles, Threads, …
Resource ‘Quota’ Points • AbnormalProcessTerminationCount • CPUExecutionTime • CriticalExceptionCount • InvocationCount • PercentProcessorTime • ProcessCPUCycles • ProcessHandleCount • ProcessIOBytes • ProcessThreadCount • ProcessVirtualBytes • SharePointDatabaseQueryCount • SharePointDatabaseQueryTime • UnhandledExceptionCount • UnresponsiveprocessCount
Resource Quotas Central Admin Solution Gallery Measured in ‘Resource Points’
DEMO Managing Sandboxed Solutions
Summary • Sandbox Solutions… • Balance agility and stability • Run in a separate process • Are built using Visual Studio 2010 • Use a subset of the SharePoint API • Are now the preferred solution type • Contact Info: • Scott Jamison • scott.jamison@jornata.com
