zoukankan      html  css  js  c++  java
  • Understand Code Access Security of SPS

    Code access security is implemented by a series of configuration files.

    1. The first configuratin file of concern is machine.config located in C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG. This file specifies master settings that will be inherited by all SharePoint Services sites that run on the server.
        The following code shows the <securityPolicy> section of machine.config file associated with an installation of SPS.
        <securityPolicy>
            <trustLevel name="Full" policyFile="internal" />
            <trustLevel name="High" policyFile="web_hightrust.config" />
            <trustLevel name="Medium" policyFile="web_mediumtrust.config" />
            <trustLevel name="Low"  policyFile="web_lowtrust.config" />
            <trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
        </securityPolicy>
       
    2. In addition, web.config file has a <securityPolicy> section that defines two additional levels of trust known as WSS_Medium and WSS_Minimal. The following code shows a default settings.
        <securityPolicy>
          <trustLevel name="WSS_Medium" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\config\wss_mediumtrust.config" />
          <trustLevel name="WSS_Minimal" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\config\wss_minimaltrust.config" />
        </securityPolicy>
       
    Web parts running under WSS_Minimal can not access any database server nor can they access the objects contained in the SharePoint object model.

    3. Customize Policy Files
    (1) Raise the trust level for all SharePoint Services sites by modifying the web.config file. Change the default settings of web.config from <trust level="WSS_Minimal" originUrl="" /> to
    <trust level="WSS_Medium" orginUrl="" />
     Now you set the trust level to WSS_Medium.

    (2) The GAC grants the Full level of trust to web parts. So the second option is to deploy all of web parts into the GAC.
    As a side note, you'll also have to restart IIS each time you recompile a web part into the GAC.
      gacutil -i [assembly.dll], this command line is used to deploy a web part into the GAC.
     
    (3) To Create your own custom policy file is the recommended best practice for production environments. However, this approach requires the most effort. You can refer to other documents if you are insterested in this method.

  • 相关阅读:
    程序员年后离职跳槽指南
    程序员年后离职跳槽指南
    程序员为什么会有职业瓶颈?
    程序员为什么会有职业瓶颈?
    年过35岁的程序员都去哪了?一张图道尽老程序员们的花样出路
    年过35岁的程序员都去哪了?一张图道尽老程序员们的花样出路
    对于Ping的过程,你真的了解吗?
    对于Ping的过程,你真的了解吗?
    shell解析命令行的过程以及eval命令
    shell的命令替换和命令组合
  • 原文地址:https://www.cnblogs.com/rickie/p/25732.html
Copyright © 2011-2022 走看看