SharePoint 2010 Sandboxed Solution Considerations

The sandbox solution is a feature included in Microsoft SharePoint 2010 that enables site collection users to upload their own custom code solutions. A common sandbox solution is for users to upload their own Web parts.

sandboxed SharePoint applications run in a secure, monitored process that can access only a limited portion of the Web farm. Microsoft SharePoint 2010 enables sandboxed solutions with a combination of features, solution libraries, solution monitoring, and validation frameworks.

Specify the project trust level

Visual Studio supports sandboxed solutions with a Boolean project property named Sandboxed Solution. You can set this property at any time in your project, or you can specify this property when you create a project in the SharePoint Customization wizard.

If you set the Sandboxed Solution property to False, or if you select the Deploy as Farm solution option, the solution will be treated as a field-scoped solution. However, if you set the Sandboxed Solution property to True, or if you select the Deploy as sandboxed option in the wizard, the solution will not be treated as a farm solution.

SharePoint Site Hierarchy

To understand how sandboxed solutions work, it can be useful to know that the scope of a SharePoint site is layered. The top element is called a Web farm, and the other elements are subordinate to the top element:

Web Farm
    WEB Application A
        Site Collection A1
            Website A1A
    WEB Application B
        Site Collection B1
            Website B1a
            Website B1b
        Site Collection B2
            Website B2A

As you can see, a Web farm may contain one or more Web applications, and a Web application can contain one or more site collections, and a site collection can contain subsites, and so on. Changes made to a site collection affect only the site collection, not other site collections. However, changes made at the Web farm level affect all site collections in that farm.

Windows SharePoint Services (WSS) 3 only allows you to deploy the solution to the presence level, while Microsoft SharePoint Foundation 2010 Allows you to deploy the solution to the presence level (farm solution) or site collection level (sandboxed solution).

Why use a sandbox solution?

In WSS 3.0, only the solution can be deployed to the presence level. This means that potentially harmful or unstable solutions can be deployed to affect the entire Web farm and all other site collections and applications running in the field. However, by using a sandboxed solution, you can deploy the solution to the subregion of the presence (a specific site collection). In order to provide additional protection, the assembly of the solution is not loaded into the primary IIS process (w3wp.exe) but is loaded into a separate process (SPUCWorkerProcess.exe). This process is monitored and quotas and throttling are implemented to prevent sandboxed solutions that perform harmful activities, such as a compact cycle that consumes CPU cycles, in the farm.

Site Collection Solution Gallery

Windows SharePoint Services 2010 contains a feature called the site Collection Solution Gallery, by clicking the site actions, the site settings, the libraries, and the on the SharePoint 2010 Central Administration page in turn Solution, you can access this feature. Solution libraries are repositories of solutions that site collection administrators can use to manage solutions in their site collections.

The solution gallery is a document library that is stored in the root web directory of the SharePoint site. The solution library replaces the site template and supports the solution package. When you upload a SharePoint solution package (. wsp) file, the file is processed as a sandboxed solution.

Sandbox Solution Limitations

When you deploy a sandbox solution, the SharePoint feature set available for sandboxed Solutions is limited, which helps reduce any security vulnerabilities that it may have. Some of these limitations include:

A sandboxed solution can only deploy solution elements with a limited portion. SharePoint project templates, such as site definitions and workflows, that may be vulnerable to attack will not be available.

SharePoint runs sandboxed solution code in a process that is independent of the main IIS application pool (w3wp.exe) process (SPUCWorkerProcess.exe).

You cannot add a mapped folder to your project.

You cannot use types from Microsoft SharePoint Server 2010 Assembly Microsoft.Office.Server in a sandboxed solution. Instead, you can use types in the Microsoft SharePoint Foundation 2010 Assembly Microsoft.SharePoint only in a sandboxed solution.

It is important to note that specifying a SharePoint solution as a sandbox solution has no effect on SharePoint Server; This only determines how the SharePoint project is deployed from Visual Studio to SharePoint and the The assembly to which the mesh will be bound. This does not affect the generated. wsp file, and the. wsp file does not contain data that is directly associated with the Sandboxed Solution property.

Features and elements in a sandbox solution

Sandboxed solutions support the following features and elements:

List definition

List Instances

ONET.xml

Webtemplate feature Element (not webtemp.xml)

Content Type/Field

Navigation

Module/File

Feature Callout

Web Parts-web Parts

Support for all WEB parts that derive from System.Web.UI.WebControls.WebParts.WebPart

Event Receiver

Spitemeventreceiver

Splisteventreceiver

Spwebeventreceiver

Custom Actions

Declarative Workflows

Sandboxed solutions do not support the following features and elements:

Visual Web part

Application Page

Custom Action Group

hidecustomaction element

Content Type Bindings

Functionality within the scope of a WEB application

Functions within a field scope

Workflows that contain code