Building Sandbox Solutions for SharePoint 2010 Scott Jamison Managing Partner, Jornata LLC

Session Info Part 1: Why Sandboxed Solutions? Part 2: Building and Deploying a Sandboxed Solution Part 3: Managing Sandboxed Solutions

Part 1: Why Sandboxed Solutions?

Issues With SharePoint Solutions Non-code solutions (SPD, Lists) are easy to deploy but are limited Code-based solutions require either: ▫Lengthy deployment process (not agile), or ▫Developer access to production (not safe)

Sandboxed Solutions – Why?

Farm Solutions vs User Soluitons Farm Solution: Code is deployed in the solution store via stsadm –o addsolution, just like in MOSS 2007 User Solution: Code is uploaded via the solutions gallery directly by the user/developer ▫a.k.a. ‘Sandboxed Solutions’

Part 2: Building and Deploying a Sandboxed Solution

What is a ‘Sandbox’? A separate process for the Sandboxed solutions Limited functionality: ▫Subset of Microsoft.SharePoint API ▫Code Access Security policy Gallery for deployment ▫Site Collection Solution Gallery Administration for managing/monitoring solutions ▫Central administration

A Separate Process User Code Service (SPUCHostService.exe) Sandbox Worker Process (SPUCWorkerProcess.exe) Sandbox Worker Process Proxy (SPUCWorkerProcessProxy.exe)

A Subset of Microsoft.SharePoint API Microsoft.SharePoint Except SPSite constructor SPSecurity object SPWorkItem and SPWorkItemCollection objects SPAlertCollection.Add method SPAlertTemplateCollection.Add method SPUserSolution and SPUserSolutionCollection objects SPTransformUtilities Microsoft.SharePoint.Navigation Microsoft.SharePoint.Utilities Except SPUtility.Send method SPUtility.GetNTFullNameand FromLogin method Microsoft.SharePoint.Workflow Microsoft.SharePoint.WebPartPages Except SPWebPartManager object SPWebPartConnection object WebPartZone object WebPartPage object ToolPane object ToolPart object In concept: From the site collection down

Code Access Security Policy SharePointPermission.ObjectModel SecurityPermission.Execution AspNetHostingPermission.Level = Minimal Note: A fully-trusted “proxy class” can be created to gain access to additional resources

Solution Gallery Site Collection library located at /_catalogs/solutions Upload, delete, activate, deactivate, upgrade solutions

DEMO Building and Deploying a Sandboxed Solution

Supported Solution Types Content Types, Site Columns Custom Actions Declarative Workflows Event Receivers, Feature Receivers InfoPath Forms Services (not admin-appr) JavaScript, AJAX, jQuery, Silverlight List Definitions Non-visual web parts Site Pages SharePoint OnLine

Part 3: Managing Sandboxed Solutions

Central Administration Farm Management  Manage User Solutions Block Solutions Configure Load Balancing

Central Administration Farm Management  Site Collection Quotas Quotas Locks

Load Balancing Partial Trust can run in one of two modes Local Mode ▫Execute code on WFE ▫Low administration overhead ▫Lower scalability Remote mode ▫Execute on back-end farm machine ▫Load balanced distribution of code execution requests  Create custom Load balancers

Solution Monitoring Farm Administrators ▫Set absolute limits Site Administrators ▫Identify expensive solutions SharePoint Tracks Server Resources: CPU, Memory, SQL, Exceptions, Critical Errors, Handles, Threads, …

Resource ‘Quota’ Points AbnormalProcessTerminationCount CPUExecutionTime CriticalExceptionCount InvocationCount PercentProcessorTime ProcessCPUCycles ProcessHandleCount ProcessIOBytes ProcessThreadCount ProcessVirtualBytes SharePointDatabaseQueryCount SharePointDatabaseQueryTime UnhandledExceptionCount UnresponsiveprocessCount

Resource Quotas Central Admin Solution Gallery Measured in ‘Resource Points’

DEMO Managing Sandboxed Solutions

Summary Sandbox Solutions… ▫Balance agility and stability ▫Run in a separate process ▫Are built using Visual Studio 2010 ▫Use a subset of the SharePoint API ▫Are now the preferred solution type Contact Info: Scott Jamison