Sharepoint:是否可以自动部署自定义CAS策略?

时间:2010-05-04 08:42:37

标签: sharepoint file policy cas

我正在寻找一种在SharePoint中自动部署自定义CAS策略的方法。

我想要实现的目标如下:

由我们的构建服务器构建和签名的所有程序集(使用密钥)应在“高于正常”信任级别的SharePoint中运行。

现在我可以手动编辑cas策略文件,包含以下内容:

        <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="MyPermissionSet" Name="[My Company public key]" Description="Grants all ">
          <IMembershipCondition class="StrongNameMembershipCondition" version="1" PublicKeyBlob="[public key goes here]" />
        </CodeGroup>

这很有效。但是,我们有几个巨大的sharepoint服务器场,其上运行着许多应用程序。我想避免手动编辑所有策略文件以包含此xml片段。

有没有办法实现自动化?例如,从功能?

亲切的问候, Erwin van der Valk

2 个答案:

答案 0 :(得分:1)

希望您熟悉.wsp文件。这是将任何内容部署到服务器场的标准方法。您还可以通过wsp文件部署CAS策略条目。 (也许你只想为你的cas策略创建一个wsp文件)。 wsp文件与cab文件相同,只是重命名。在wsp文件中存在manifest.xml,您可以在其中定义要应用的CAS文件的更改。以这种方式做到这一点的好处是它可以通过卸载WSP来实现可逆性。我已经看到了几种不同的方法来部署CAS策略,包括将自定义策略文件作为wsp的一部分,并像其他任何文件一样进行部署。

你应该google wsp cas policy manifest.xml以获得进一步的教程。

希望这会有所帮助..

答案 1 :(得分:1)

这是我为自动部署WebPart的CAS策略所做的工作:

在我的 .wsp 文件中,我有一个包含此内容的 Manifest.xml 文件:

<?xml version="1.0" encoding="utf-8" ?>
<Solution SolutionId="0C006FE3-919D-4a2a-9CF0-FEA66A0A91E4" xmlns="http://schemas.microsoft.com/sharepoint/" >
    <Assemblies>
        <Assembly Location="MyWebPart.dll" DeploymentTarget="WebApplication">
            <ClassResources>
                <ClassResource Location="MyWebpart_log.config" />
                <ClassResource Location="combo.css" />
                <ClassResource Location="combo.js" />
                <ClassResource Location="img/arrow.png" />
                <ClassResource Location="img/coordination.gif" />
                <ClassResource Location="img/dt-arrow-dn.png" />
                <ClassResource Location="img/dt-arrow-up.png" />
                <ClassResource Location="img/loading.gif" />
                <ClassResource Location="img/menu-button-arrow.png" />
                <ClassResource Location="img/spinner.gif" />
                <ClassResource Location="img/split-button-arrow.png" />
                <ClassResource Location="img/sprite.png" />
            </ClassResources>
            <SafeControls>
                <SafeControl Assembly="MyWebPart, Version=1.0.0.0, Culture=neutral, PublicKeyToken=017e953639e07a31"
                             Namespace="MyWebPart" TypeName="*" Safe="True" />
            </SafeControls>
        </Assembly>
        <Assembly Location="log4net.dll" DeploymentTarget="WebApplication">
            <SafeControls>
                <SafeControl Assembly="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821"
                             Namespace="MyWebPart" TypeName="*" Safe="True" />
            </SafeControls>
        </Assembly>
    </Assemblies>
    <CodeAccessSecurity>
        <PolicyItem>
            <PermissionSet class="NamedPermissionSet" version="1" Name="MyWebPartPermissionSet"
                           Description="Permission set for My Web Part">
                <IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
                <IPermission class="System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
                             version="1" Unrestricted="true" />
                <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                      version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
                <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
                    version="1" 
                    Flags="Execution" />
                <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" />
                <IPermission class="Microsoft.SharePoint.Security.WebPartPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
                             version="1" Connections="True" />
                <IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
                             version="1">
                    <ConnectAccess>
                        <URI uri=".*"/>
                    </ConnectAccess>
                </IPermission>
            </PermissionSet>
            <Assemblies>
                <Assembly Name="MyWebPart" />
            </Assemblies>
        </PolicyItem>
        <PolicyItem>
            <PermissionSet class="NamedPermissionSet" version="1" Name="Log4NetForMyWebPart"
                           Description="Permission set for Log4Net (logging library used by the My Web Part">
                <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execution" />
                <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                        version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
            </PermissionSet>
            <Assemblies>
                <Assembly Name="log4net" />
            </Assemblies>
        </PolicyItem>
    </CodeAccessSecurity>
</Solution>

您将需要深入了解MS文档中所需的权限,因为我需要一段时间才能找出我需要的权限。

.wsp 文件是使用以下命令创建的:

cabarc -r -p N ..\MyWebPart-1.0.0.wsp *

(我从微软网站下载 cabarc ,但我不记得到底在哪里)

要将Web部件解决方案部署到SharePoint,我使用以下命令:

cd C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\bin

stsadm.exe -o addsolution -filename MyWebPart-1.0.0.wsp

stsadm.exe -o deploysolution -name MyWebPart-1.0.0.wsp -immediate -allcontenturls -allowCasPolicies

stsadm.exe -o execadmsvcjobs

allowCasPolicies参数是必需的,因为解决方案包含CAS策略。没有它,它们将不会添加到SharePoint的web.config文件中。