Friday, May 10, 2013

Sandboxed solutions in SharePoint 2010

  • A sandboxed solution, in contrast to a farm solution, enables site collection administrators to install custom solutions in SharePoint Foundation without the involvement of a higher-level administrator.

The following are important aspects of the sandboxed solution system.
·         Like a farm solution, a sandboxed solution is packaged for installation in a solution package (.wsp) file.
  • Each site collection has a solution gallery that is used to store all sandboxed solutions.
  • The sandboxed solutions run in an environment that has access to a subset of the SharePoint Foundation server object model and a subset of the Microsoft .NET Framework 3.5 assemblies. Code in a sandboxed solution must also run under a significantly restricted Code Access Security (CAS) policy.
  • The server farm administrator can set resource usage limits to protect the server from malicious or inefficient code. Facilities are provided to help server farm administrators monitor solutions that are uploaded to these galleries. Performance can be monitored by using multiple types of measures, including CPU execution time, memory consumption, and database query time.
  •  Farm administrators can impose additional restrictions by using custom solution validators that validate each new sandboxed solution when it is activated on a site collection.
·         There are techniques that enable a sandboxed solution to escape some restrictions. The two most important techniques are as follows:
o    A farm administrator can install, as a farm solution, a full trust proxy that provides, to sandboxed solutions, some operations that sandboxed solutions cannot perform directly.
o    Pages, Web Parts, and controls that are deployed in sandboxed solutions can include code that runs against one of the SharePoint Foundation client-side object models (for .NET Framework, for Microsoft Silverlight, or for JavaScript). Code that runs on the client computer is not subject to any of the code execution or resource usage restrictions.
·         Techniques for localizing sandboxed solutions are different from the most commonly used techniques for localizing farm solutions.
  • When a farm administrator believes that a sandboxed solution has proved itself safe and responsible in resource usage, it can be redeployed as a farm solution without modification or developer involvement.
  • Windows SharePoint Services (WSS) 3.0 allows you to deploy solutions only to the farm level, but Microsoft SharePoint Foundation 2010 allows you to deploy to either the farm level (farm solution) or the site collection level (sandboxed solution).

The term user is sometimes used in place of sandboxed, especially in the object model for the sandboxed solutions system. For example, the namespace with the primary APIs for the system is Microsoft.SharePoint.UserCode, and the service that governs sandboxed solution execution is called SharePoint 2010 User Code Host in the Windows Services dialog box on front-end web servers. (In the Central Administration application, it is called Microsoft SharePoint Foundation Sandboxed Code Service.) This reflects an earlier name for what are now called sandboxed solutions.

Sandboxed Solution Limitations:

When a sandboxed solution is deployed, the array of SharePoint functionality available to it is limited to help reduce any security vulnerabilities it may have. Some of these limitations include the following:
·         Potentially vulnerable SharePoint project templates, such as site definitions and workflows, are not available.
·         SharePoint runs sandboxed solution code in a process (SPUCWorkerProcess.exe) separate from the main IIS application pool (w3wp.exe) process.
·         Mapped folders cannot be added to the project.
·         Types in the Microsoft SharePoint Server 2010 assembly Microsoft.Office.Server cannot be used in sandboxed solutions. Also, only types in the Microsoft SharePoint Foundation 2010 assembly Microsoft.SharePoint can be used in sandboxed solutions.
It is important to note that specifying a SharePoint solution as a sandboxed solution has no effect on SharePoint server; it only determines how the SharePoint project is deployed to SharePoint from Visual Studio and what assemblies it binds to. It does not affect the generated .wsp file, and the .wsp file has no data that directly correlates to the Sandboxed Solution property.

Capabilities and Elements in Sandboxed Solutions:

Sandboxed solutions support the following capabilities and elements:
·         Content Types/Fields
·         Custom actions
·         Declarative workflows
·         Event receivers
·         Feature callouts
·         List Definitions
·         List Instances
·         Module/files
·         Navigation
·         Onet.xml
·         SPItemEventReceiver
·         SPListEventReceiver
·         SPWebEventReceiver
·         Support for all Web Parts that derive from System.Web.UI.WebControls.WebParts.WebPart
·         Web Parts
·         WebTemplate feature elements (instead of Webtemp.xml)
·         Visual Web Parts

Sandboxed solutions do not support the following capabilities and elements:

·         Application Pages
·         Custom Action Group
·         Farm-scoped features
·         HideCustomAction element
·         Web Application-scoped features
·         Workflows with code

No comments:

Post a Comment

SharePoint Deployment Error : The specified path, file name, or both are too long.

Hi, Sometimes we get surprised with below error while deploying wsp file... Solution : To overcome with this issue, we just ne...