It is important to understand the architecture of how sandbox solutions work before we can talk about restrictions and Proxies.
The word "sandbox" in computers is generally used to refer to a safe area where you can play, without damaging the outside hosting environment. The sandbox in SharePoint is implemented as a separate process where your sandbox solution code will run. In fact, there are three processes.
SPUCHostService.exe
Also known as the User Code Service. This service runs on each server on the farm that we are going to allow to work in the sandbox.
This is an important consideration, because this constitutes an important part around the administration of sandbox solution infrastructure, namely the load balancing aspects. Which you will be deciding while enabling the service.
How to enable it?
Central Admin --> System Settings --> Manage Services on Server
SPUCWorkerProcess.exe
The sandbox worker process is where your actual code runs! This is in contrast to having the code run inside of w3wp.exe. This is why you don't have to restart the application pool every time your redeploy an sandbox solution.
If you wish to debug a sandbox solution, and for any reason why F5 debugging is not working, you will need to attach your visual studio debugger to the SPUCWorkerprocess.exe process.
It is important to note however that the sandbox solution management infrastructure of SharePoint 2010 can choose to destroy the SPUCWorkerProcess.exe anytime your code tries doing something naughty, such as an infinite resource crunching loop! So, during debugging, don't be too surprised if SharePoint kills your process without asking first.
SPUCWorkerProcessProxy.exe
Inside the SPUCWorkerProcess.exe sandbox, you have the ability to run only a subset of the Microsoft.SharePoint namespace. What does that subset include? In sandbox solutions, you are free to use the following:
All we need to do are:
The word "sandbox" in computers is generally used to refer to a safe area where you can play, without damaging the outside hosting environment. The sandbox in SharePoint is implemented as a separate process where your sandbox solution code will run. In fact, there are three processes.
SPUCHostService.exe
Also known as the User Code Service. This service runs on each server on the farm that we are going to allow to work in the sandbox.
This is an important consideration, because this constitutes an important part around the administration of sandbox solution infrastructure, namely the load balancing aspects. Which you will be deciding while enabling the service.
How to enable it?
Central Admin --> System Settings --> Manage Services on Server
CAD |
Enabling Service |
Selecting the Load Balancing Strategy |
SPUCWorkerProcess.exe
The sandbox worker process is where your actual code runs! This is in contrast to having the code run inside of w3wp.exe. This is why you don't have to restart the application pool every time your redeploy an sandbox solution.
If you wish to debug a sandbox solution, and for any reason why F5 debugging is not working, you will need to attach your visual studio debugger to the SPUCWorkerprocess.exe process.
It is important to note however that the sandbox solution management infrastructure of SharePoint 2010 can choose to destroy the SPUCWorkerProcess.exe anytime your code tries doing something naughty, such as an infinite resource crunching loop! So, during debugging, don't be too surprised if SharePoint kills your process without asking first.
SPUCWorkerProcessProxy.exe
Inside the SPUCWorkerProcess.exe sandbox, you have the ability to run only a subset of the Microsoft.SharePoint namespace. What does that subset include? In sandbox solutions, you are free to use the following:
- All of Microsoft.SharePoint, except
- SPSite constructor
- SPSecurity
- SPWorkItem and SPWorkItemCollection
- SPAlertCollection.Add
- SPAlertTemplateCollection.Add
- SPUserSolution and SPUserSolutionCollection
- SPTransformUtilities
- Microsoft.SharePoint.Navigation
- Microsoft.SharePoint.Utilities, except
- SPUtility.SendEmail
- SPUtility.GetNTFullNameandEmailFromLogin
- Microsoft.SharePoint.Workflow
- Microsoft.SharePoint.WebPartPages, except
- SPWebPartManager
- SPWebPartConnection
- WebPartZone
- WebPartPage
- ToolPane
- ToolPart
All we need to do are:
- Decide on what task you wish to perform in the full trust proxy, and implement it as a class that inherits from Microsoft.SharePoint.Usercode.SPProxyOperation
- Decide on what arguments need to be passed to the SPProxyOperation that you just created, this is a serializable class you implement that inherits from Microsoft.SharePoint.Usercode.SPProxyOperationArgs
- Compile the above to classes in a DLL, strong name the DLL, put it in the GAC.
- The above steps would create a full trust proxy, which you will then need to register for use with SharePoint.
- Finally, you consume the proxy in a sandbox solution using the SPUtility.ExecuteRegisteredProxyOperation method.
No comments:
Post a Comment