I'm looking for a way to automate the deployment of a custom CAS policy in SharePoint.
What i would like to achieve is the following:
All assemblies that have been built and signed by our build server (with a secret key) should run in SharePoint under the 'higher than normal' trust level.
Now I can manually edit the cas policy files to include something like this:
<CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="MyPermissionSet" Name="[My Company public key]" Description="Grants all ">
<IMembershipCondition class="StrongNameMembershipCondition" version="1" PublicKeyBlob="[public key goes here]" />
</CodeGroup>
And that works great. However, we have several huge sharepoint f开发者_StackOverflowarms, with many applications running on it. I'd like to avoid having to manually edit all policy files to include this xml snippet.
Is there a way to automate this? For example, from a feature?
With kind regards, Erwin van der Valk
Hope you're familiar with .wsp files. This is a standard way to deploying anything to the farm. You can also deploy CAS policy entries though a wsp file. (Maybe you'll want to create a wsp file just for your cas policy). wsp files are the same as cab files, just renamed. Inside a wsp file lives manifest.xml in which you can define what changes to the CAS file you want to apply. The great thing about doing it this way that its reversible by uninstallaing the WSP. I've seen several different approaches to deploying CAS policies including having your custom policy file as part of your wsp and it gets deployed just like any other file.
You should google wsp cas policy manifest.xml for further tutorials.
Hope this helps..
This is what I have done to automate the deployment of CAS policies of my WebPart:
Inside my .wsp file, I have a Manifest.xml file with this content:
<?xml version="1.0" encoding="utf-8" ?>
<Solution SolutionId="0C006FE3-919D-4a2a-9CF0-FEA66A0A91E4" xmlns="http://schemas.microsoft.com/sharepoint/" >
<Assemblies>
<Assembly Location="MyWebPart.dll" DeploymentTarget="WebApplication">
<ClassResources>
<ClassResource Location="MyWebpart_log.config" />
<ClassResource Location="combo.css" />
<ClassResource Location="combo.js" />
<ClassResource Location="img/arrow.png" />
<ClassResource Location="img/coordination.gif" />
<ClassResource Location="img/dt-arrow-dn.png" />
<ClassResource Location="img/dt-arrow-up.png" />
<ClassResource Location="img/loading.gif" />
<ClassResource Location="img/menu-button-arrow.png" />
<ClassResource Location="img/spinner.gif" />
<ClassResource Location="img/split-button-arrow.png" />
<ClassResource Location="img/sprite.png" />
</ClassResources>
<SafeControls>
<SafeControl Assembly="MyWebPart, Version=1.0.0.0, Culture=neutral, PublicKeyToken=017e953639e07a31"
Namespace="MyWebPart" TypeName="*" Safe="True" />
</SafeControls>
</Assembly>
<Assembly Location="log4net.dll" DeploymentTarget="WebApplication">
<SafeControls>
<SafeControl Assembly="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821"
Namespace="MyWebPart" TypeName="*" Safe="True" />
</SafeControls>
</Assembly>
</Assemblies>
<CodeAccessSecurity>
<PolicyItem>
<PermissionSet class="NamedPermissionSet" version="1" Name="MyWebPartPermissionSet"
Description="Permission set for My Web Part">
<IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
<IPermission class="System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Unrestricted="true" />
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution" />
<IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" />
<IPermission class="Microsoft.SharePoint.Security.WebPartPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
version="1" Connections="True" />
<IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<ConnectAccess>
<URI uri=".*"/>
</ConnectAccess>
</IPermission>
</PermissionSet>
<Assemblies>
<Assembly Name="MyWebPart" />
</Assemblies>
</PolicyItem>
<PolicyItem>
<PermissionSet class="NamedPermissionSet" version="1" Name="Log4NetForMyWebPart"
Description="Permission set for Log4Net (logging library used by the My Web Part">
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execution" />
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
</PermissionSet>
<Assemblies>
<Assembly Name="log4net" />
</Assemblies>
</PolicyItem>
</CodeAccessSecurity>
</Solution>
You will have to dig into the MS documentation for the Permissions you need because it took me a while to figure out which ones I need.
The .wsp file was created with the command:
cabarc -r -p N ..\MyWebPart-1.0.0.wsp *
(I downloaded cabarc from the Microsoft website, but I don't remember exactly where)
To deploy the Web Part solution into SharePoint I use these commands:
cd C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\bin
stsadm.exe -o addsolution -filename MyWebPart-1.0.0.wsp
stsadm.exe -o deploysolution -name MyWebPart-1.0.0.wsp -immediate -allcontenturls -allowCasPolicies
stsadm.exe -o execadmsvcjobs
The allowCasPolicies parameter is necessary because the solution contains CAS policies. Without it, they will not be added to the web.config file of SharePoint.
精彩评论