slide1 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Creating Sandboxed Solutions with SharePoint 2010 PowerPoint Presentation
Download Presentation
Creating Sandboxed Solutions with SharePoint 2010

Loading in 2 Seconds...

play fullscreen
1 / 35

Creating Sandboxed Solutions with SharePoint 2010 - PowerPoint PPT Presentation

  • Uploaded on

Creating Sandboxed Solutions with SharePoint 2010. Name Title Company. Agenda. Introducing Sandboxed Solutions Executing Code in the Sandbox Building Sandbox Solutions Sandbox Resource Monitoring. Introducing Sandboxed Solutions. SharePoint 2007 Challenge.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Creating Sandboxed Solutions with SharePoint 2010' - patia

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
  • Introducing Sandboxed Solutions
  • Executing Code in the Sandbox
  • Building Sandbox Solutions
  • Sandbox Resource Monitoring
sharepoint 2007 challenge
SharePoint 2007 Challenge
  • Developers build custom solutions
  • Administrators can only secure solutions with CAS
    • Hard to control what is being done in custom code
  • Biggest cause of SharePoint support cases: custom code
sharepoint 2010 approach
SharePoint 2010 Approach
  • Developers build custom solutions
  • Site collection owners deploy, activate and implement the customizations
  • Administrators leverage resource monitors to check site collection usage
    • Automatic triggers “turn off” custom solutions in a site collection that are too expensive and taxing on the server
sandboxed solutions help enterprises
Sandboxed Solutions Help Enterprises
  • Sandboxed solutions are important because
    • Solve SharePoint hosting issues in corporate environments
    • Hosted environments much easier to manage
  • Reduces time to deploying custom solutions
    • Removing process of getting code approved and deployed by IT
  • Improves stability of SharePoint servers
    • Now badly performing code isolated to site collection rather than potentially bringing down an entire server
overview of the sandbox
Overview of the Sandbox
  • Allows a subset of the full capabilities in the SharePoint API
  • Secure – enforcing the sandbox
    • Execute in a partially trusted environment
    • Code executes in a special service process
    • Subject to CAS
    • Validation framework
      • Provides way to do custom farm wide validation for the deployed packages
    • Each solution is isolated to its site collection
site collection administration
Site Collection Administration
  • Solution Gallery -- _catalogs/solutions
  • Empower Site Collection administrators
defining the sandbox
Defining the Sandbox
  • Solution Administration - Quota/Blocked Solutions
  • Subset Object Model
  • External Process
  • Code Access Security (CAS Policies)
solution administration
Solution Administration
  • Central Administration
    • Block Solutions
    • Quota Templates
the subset object model
The Subset Object Model


  • In general
    • SPSite and below
  • No SPSecurity
  • No SPSite construction
  • Common namespaces not available
    • Microsoft.SharePoint.Administration
    • Microsoft.SharePoint.WebControls




a s eparate process
A Separate Process
  • User Code Service(SPUCHostService.exe)
  • Sandbox Worker Process(SPUCWorkerProcess.exe)
  • Sandbox Worker Process Proxy(SPUCWorkerProcessProxy.exe)

Sandbox and Code Access Security

AspNetHostingPermission, Level=Minimal

SharePointPermission, ObjectModel=true

SecurityPermission, Flags=Execution





System DLL

User Code

SharePoint DLL

Full Trust

Framework Code

SharePoint OM

Subset OM

sandboxing architecture
Sandboxing Architecture

Front end

Back end


Host Service

Worker Process

Untrusted Code

Subset Object Model

Full Object Model

sandboxed solutions process


  • 1
  • 5
  • 6
  • 7
  • 4
  • 3
Sandboxed Solutions Process

Per-WFE AssemblyCache

RootSPWeb of SPSite


Solution gallery

Web Part gallery

Sandboxed Worker Process


types of sandboxed solutions
Types of Sandboxed Solutions

Sandboxed Solutions Support

  • Sandboxed solutions offer developers a subset of the SharePoint API available fully trusted solutions
    • Site collection and site scoped Features
    • Many XML constructs available: Modules, Lists, ContentTypes, etc.
  • Client technologies to access external data – JavaScript, Silverlight etc.
    • Offloading resource usage and access handling to client
sandbox boundaries
Sandbox Boundaries
  • Off-box connections, http, web services, etc
  • Enterprise features (Search, BCS, etc.)
  • Threading
  • P-Invoke
  • IO
  • Other sites








compiling vs executing sandboxed solutions
Compiling vs. Executing Sandboxed Solutions
  • Visual Studio 2010uses IntelliSense tohide full-trust types
  • All code is compiled against the full API
  • Thus, no “sandbox” check at compile time… only at runtime
  • Workaround: change the Microsoft.SharePoint.dll project reference to reference the sandbox’s version
    • [..]\14\UserCode\Assemblies\Microsoft.SharePoint.dll
    • NOTE: Switch it back before deployment!
      • Use this as a temporary test - do not deploy code that references the sandbox’s assembly



Full Object Model

Subset Object Model


breaking out of the sandbox
Breaking out of the Sandbox
  • External Lists via SPList
  • Full-Trust Proxy
load balancing
Load Balancing
  • Sandboxed solutions can be run in two modes
    • Local Mode
      • Execute code on the SharePoint WFE
      • Low administration overhead
      • Lower scalability
    • Remote Mode
      • Execution on back-end farm machine
        • Via dedicated service applications
      • Load balanced distribution of code execution requests
solution validation
Solution Validation
  • [GuidAttribute("34805697-1FC4-4b66-AF09-AB48AC0F9D97")]
  • publicclassPublisherValidator:SPSolutionValidator{
  • publicoverridevoidValidateSolution(
  • SPSolutionValidationProperties properties){
  • properties.Valid = [true || false];
  • properties.ValidationErrorMessage = “no soup for you”;
  • }
  • publicoverridevoidValidateAssembly(
  • SPSolutionValidationPropertiesproperties,
  • SPSolutionFileassembly){
  • }
  • }
sandbox solution monitoring how it works
Sandbox Solution MonitoringHow it works
  • Site collection quotas specify the warning and hard limits for number of resources that can be used per day
  • Sum of resource measures are taken across solutions deployed to site collection
    • I.e., add up CPU Points for all solutions
  • Max of resource utilization measures checked against site collection quota to determine if it should be throttled/blocked
monitored resources
Monitored Resources

You can tweak these values to fit your need…

sandbox solution monitoring case study
Sandbox Solution MonitoringCase Study
  • A solution has executed 40 SQL queries (via the SharePoint OM)
  • One point for SQL is 400 queries
  • Means for SQL it’s consumed .1 resource points 
  • So the resource usage is for the day for that solution is .1 resource points + other counters
  • Introducing Sandboxed Solutions
  • Executing Code in the Sandbox
  • Building Sandbox Solutions
  • Sandbox Resource Monitoring

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.