Configuration of Web Parts

You can read the connection from your web pat by using the WebConfigutationManager object available in the System.web.Configuration.

To add connection string to web.config you can use the SPWebConfigModification class ina feature event.

Code Access Security (CAS)

Code Access Security provides a security model that restricts operations that can be performed or resources that can be accessed by code. In the case of web parts it restricts or allows operations performed by the web part assembly.

We can use code access security to strike a middle ground between full trust farm solutions and very low trust sandboxed solutions.

Trust level

The defaul settings in web.cinfig of a Sharepoint web app give minimal trust to any webpart that is not in GAC. The cusotm trust levels that Sharepoint defines and runs under are wss_minimaltrust and wss_mediumtrust. The definitions of those levels are stored in files that can be found under {SharePointRoot}\Config.

In Package Designer, click the Manifest button

You can edit/merge the file to add CAS policy in it. Common permissions:

AspNetHostingPermissions – permission ot access ASP.NET Controls
SecurityPermissions – defines permissions, such as ControlThread, Assertion
SharepointSecurityPermission – access the object model and impersonation.
SystemSecurityPermission– access the environment.

<Assemblies>
<Assembly>MyWebPart</Assembly>
</Assemblies>

Means to ask Sharepoint to apply the security to this web part.

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: