There are basically now three different ways to deploy custom assemblies:
•Full trust solutions - The assemblies are registered in the GAC and runs under full trust
•Partial trust solutions - The assemblies are deployed to the bin folder of a specific Web Application
•Sandboxed solutions - The assemblies (solutions) are deployed to the Site Collection gallery
Sandboxed Solutions
The Sandboxed Solutions runs inside the a special service, called Microsoft SharePoint Foundation Sandboxed Code Service, which is a completely and separate application domain than the SharePoint application pools. The Sandboxed solutions are monitored and if they consume to much resources or fails to many times SharePoint automatically shuts the solution down. The code running in a Sandboxed assembly does not have access to the full SharePoint API, basically it's just the classes from Site Collection level and below. The sandbox is also protected with a very minimal CAS policy which for example prohibits the user code solutions from calling web services, making database calls or accessing the file system.
Sandboxed solutions are deployed into the Solution gallery of a Site Collection and only access that Site Collection. They can be deployed without having any downtime of the farm or web application. Anyone within the Site Collection Administrators group can upload solutions to the gallery and activate them. Farm administrators controls how much resources each Sandbox can use and can also block specific solutions from running at all.
Pros Cons
Can easily be deployed by Site Collection Administrators Very limited CAS policy
Resource usage is monitored * Current uncertainty about the monitoring stability
Secure Hard to deploy in a farm
Great support in Visual Studio 2010
Only crashes the Sandbox if it blows
There is a timer job which is running every 15 minutes to check the resource usage. Based on this timer job it will block the solution from running.
Farm Solutions
The Farm solutions or full trust solutions adds the assembly to the Global Assembly Cache, GAC, which means that they can run without any CAS policies, i.e. under full trust. The assemblies can be accessed from any application in the farm. Full-trust solutions are the most common way to install solutions since it is easy and requires no knowledge of for instance CAS policies. The code running in a full trust solution has the same access as the application pool account to the local server and can do almost what it want with the server. Deploying Farm solutions should only be done with code that we really trust.
Only farm administrators can upload new farm solutions to the configuration database and most often an application pool recycle is needed, especially when updating solutions.
Pros Cons
Easy to implement Only Farm Administrators can add new solutions
Great support in Visual Studio 2010 Downtime when updating
Runs in full trust Have to much privileges
Can crash the whole server
Web Application Solutions
Solutions deployed to the web application bin directory was the way to go in SharePoint 2007 when we wanted/needed to secure our application using CAS. This partial trust option is still valid in SharePoint 2010. Web application deployed solutions by default only have a very minimal CAS policy applied. Using custom CAS policies it is easy to give more privileges to assembly. Installing these solutions also requires a Farm Administrator but they are only applied to specific Web Applications. Updating the assembly does not require an application pool recycle.
Visual Studio 2010 have support for Web Application deployment but not for custom CAS policies. We have to install the solution using PowerShell or create our own Visual Studio SharePoint Deployment Steps.
Pros Cons
Security policies can be configured and kept minimal Only Farm Administrators can add new solutions
Minimal downtime when upgrading No support OOB for custom CAS policies in Visual Studio 2010
Only crashes the web application
No comments:
Post a Comment