What are Sandbox Solutions in SharePoint?

The solutions that are developed for SharePoint can be directly deployed to the farm, but there runs a risk that incase there is any malicious code then the whole farm might be affected. In order to avert any such situation the concept of Sandbox has been developed.

Sandbox is a restricted area within the farm, with access to minimal resources, where the users can test their solutions without affecting the running of the farm. The solutions that are being deployed to the sandbox is known as Sandbox Solutions and can only access data from within the site collection where it has been deployed. Since Sandboxed solutions cannot affect the whole server farm, they do not have to be deployed by a farm administrator. Sandboxed solutions can be deployed by a site collection administrator or, in certain situations, by a user who has the Full Control permission level at the root of the site collection. However, only a farm administrator can configure Sandboxed solutions–related settings such as load balancing, tiers, quotas and resource points and only a farm administrator can promote a Sandboxed solution to run directly on the farm, outside the Sandboxed environment.

One major difference in the deployment is Farm solutions are installed and deployed. Sandboxed solutions are uploaded and activated.

The processes that are being used are as follows:
  • SPUCWorkerprocess.exe - responsible for the execution of the sandbox code
  • SPUCWorkerProcessProxy.exe - handles the calls to the SP objects
  • SPUCHostService.exe
The benefits are as follows:
  • Sandbox solutions can be added to the production environment without affecting the other processes running within the farm.
  • The sandbox solutions can be deployed by the site collection administrator thus freeing up the farm administrator.
  • Scalability and flexibility are increased because sandboxes run in a separate process that can be restricted by quotas, and their effect on the farm can be monitored.
  • A solution does not have to be modified or recompiled if it is moved from a sandbox to running directly on the farm.
The limitations that are there are as follows:
  • No Security Elevation - the code RunWithElevatedPriviledges are not allowed, no access to the SPSecurity namespace.
  • No Email Support - no access the SPUtility.SenMail class, one has to use the SMTP class to send out the mails.
  • No support/access to the Microsoft.SharePoint.WebPartPages namespace.
  • No support for external web services to ensure security.
  • No GAC deployment - the solutions are not stored in the physcial file path that is the 14 hive nor does it have access to the GAC. Sandbox soltuions can be found in C:\ProgramData\Microsoft\SharePoint\UCCache at runtime.
  • No Visual Web Parts are allowed in sandbox solutions only web parts, event receivers, designer workflows, feature receivers and infopath business logic is allowed.

Comments

Post a Comment

Popular posts from this blog

jQuery Basics

jQuery Introduction The files needed to run a jQuery function can be downloaded from the URL mentioned below: http://jquery.com/download/ There are actually two versions of the file that is available, the first one id the minified and compressed version, jquery-1.10.1.min.js , which is basically used for the production environment and the other is the full version, uncompressed and readable, which is used for the development environment. If somebody does not want to download the file, they can use it from the CDN (Content Delivery Network) provided both by Google and Microsoft, the details are here under: Google - http://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js Microsoft - http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.1.min.js Note:  If you look at the Google URL above - the version of jQuery is specified in the URL (1.10.1). If you would like to use the latest version of jQuery, you can either remove a number from the end of the version st...
Read more

What is the difference between a Page Layout and Master Page in SharePoint?

A Page Layout is nothing but a template which when used in conjuncture with the Master Page gives the look and feel and contents of the page. Each page layout has an associated content type that determines the kind of content that can be stored on pages based on that page layout. Master Pages and Page Layouts dictate the overall look and feel of your SharePoint site. Master Pages contain controls that are shared across multiple page layouts, such as navigation, search, or language-preference for multilingual sites. Page layouts contain field controls and Web Parts. All page layouts reference a master page that is based on the CustomMasterUrl property of the SPWeb class. The top-level SharePoint Server site for a site collection hosted on SharePoint Server 2010 has a special document library called the Master Page and Page Layout Gallery. All Page Layouts and Master Pages are stored in this document library. Reference: http://blog.beckybertram.com/Lists/Posts/Post...
Read more

Accessing data from SharePoint 2010 to an ASP.NET application

Image
In order to access the SharePoint lists and document libraries data from a native ASP.NET application we need to make use of the web services that have been provided. The full list of the web services available from within SharePoint 2010 can be found here http://www.etechplanet.com/blog/sharepoint-web-services-7c-list-of-all-web-services-available-with-wss-30moss-2007.aspx The steps to access the web service are as follows: Create a native ASP.NET web application Add a reference of the web service Create an object of the web site Pass on to the web service object the credentials using which the access will be authorized Retrieve the results using the appropriate method
Read more