通过自定义策略级别不起作用,为程序集提供对sharepoint的完全信任

时间:2009-05-07 07:09:03

标签: security sharepoint assemblies policy cas

我正在建造几个ucercontrols。这些用户控件将托管在return of the smartpart中。我面临的问题是我的装配与他们一起,没有适当的权利。

为了达到这个目的,你(基本上)有三个选择;
1.将网站设置为完全信任级别(显然不要这样,也不适合我。组装不受信任) 2.将组件放在gac中(也试过,也没用) 3.安全方面我想要的是给予我的议会一套特殊的权利。

这可以通过自定义信任文件来完成。这是我到目前为止所提出的,但它无法正常工作。有人能指出我正确的方向吗?

在安全类元素中添加了这两个子句; 

<SecurityClass Name="AssemblyOne" Description="MyAssemblies.AssemblyOne, Version=1.0.0.0, Culture=neutral, PublicKeyToken=132bddbb4f2e45f2"/>
<SecurityClass Name="AssemblyTwo" Description="MyAssemblies.AssemblyTwo, Version=1.2.0.0, Culture=neutral, PublicKeyToken=e5141be41498e913" />

在命名权限集

中添加了此子句 
        <PermissionSet
                class="NamedPermissionSet"
                version="1"
                Name="SPFULL"
                Unrestricted="true">
          <IPermission
                  class="AspNetHostingPermission"
                  version="1"
                  Level="Minimal"
                        />
          <IPermission
                  class="SecurityPermission"
                  version="1"
                  Flags="Execution"
                        />
          <IPermission class="WebPartPermission"
                  version="1"
                  Connections="True"
                        />
          <Assemblies>
            <Assembly Name="MyAssemblies.AssemblyOne" Version="1.0.0.0" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
            <Assembly Name="MyAssemblies.AssemblyTwo" Version="1.2.0.0" PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4" />
          </Assemblies>
        </PermissionSet>

然后我在现有的“默认”代码组上面添加了这个子句; 

<CodeGroup
        class="UnionCodeGroup"
        version="1"
        PermissionSetName="SPFULL"
        Name="My first Web Part"
        Description="This code group grants the my first web part full permissions.">
        <IMembershipCondition
          class="StrongNameMembershipCondition"
          version="1"              PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010015fd63eb99fee087978556fcf698fae059d75307d1ee8e44486a349ea87843344440af9051d4434bac1d219b3a219d5f0ff50e8c0ed9eb7c07eab19d9ff0494ecaafc5ce1cb65d59ddd153b0f09790d6641af0325aaceb81c2e55c4610a1c18ae9f5a476de2282918a293726bce20aa932e06666b4e8b6885775b919a93a91a9" />
        <IMembershcipCondition
          Class="StrongNameMembershipCondition"
          version="1"
          PublicKeyBlob="00240000048000009400000006020000002400005253413100040000010001007da2bfd8e8ec53bd9caa8a5e3af2408cabd60b04c1df80bf8cbad447addaa8a7854818c77ea4f1ada3b73f33836b716999a5aac2475b22c676cedb3fe42cb2ebfba9dc20c04b1baab5a75ead6169b45d1dbef0bcbe82d5f862f954739ed100eaf41425eddd559aee883c055da038d0d8c2e998db799d6e1995ddea95a48eb0b4"/>
      </CodeGroup>

有人能指出我如何做到这一点吗?

1 个答案:

答案 0 :(得分:0)

我没有看到如何将两个dll放入GAC或将web.config设置更改为FullTrust不起作用。你不能给它更多的权限。您确定您遇到的问题与安全性有关吗?如果您只在GAC中放置一个dll,您是否有[assembly:AllowPartiallyTrustedCallers()] - 属性?

只是旁注: 您应该将您的权限集放在WSP:manifest.xml中,以确保在部署功能时SharePoint为所有前端网站上的dll设置正确的权限。这将使管理更容易。

http://msdn.microsoft.com/en-us/library/aa543901.aspx

相关问题
最新问题