Sunday 21 August 2011

Change trust level with custom policy file in Sharepoint


To give access to an assembly

1. Copy the wss_minimaltrust.config file.
2. Rename the file new_file_name.config.
3. Using a text editor such as NotePad, open new_file_name.config
4. Under the element, add a reference to the SharePointPermission class as follows:

5. Search for the tag where the name attribute equals ASP.Net.
6. Copy this entire tag and all of its children, and paste a copy of it immediately below the one you copied.
7. Change the name of the new PermissionSet element from ASP.Net to New_File_Name:
something like -

8. Add the following node to the element where the name attribute equals New_File_Name:

Therefore, the resulting customized will look as follows:

Once you define the customized element, you must create a code group to specify when the CLR should apply the permission set. By default, the AllCode code group is a FirstMatchCodeGroup in ASP.NET policy files. Therefore, the CLR stops assigning permissions to an assembly after the first match to a specific code group. To apply the custom permissions, you must declare the specific code group assigning the custom permissions to your assembly as the first code group within the AllCode group. This ensures that the CLR assigns the MyCustomPermissions permission set and stops without proceeding to the default $AppDirUrl$/* code group that is used to assign permissions based on whether the assembly is located in BIN directory.
In the following example, the membership condition for the new code group is based on strong name membership:


To retrieve the public key blob for an assembly, use the secutil.exe tool as follows:
secutil.exe -hex -s MyAssemblyName.dll
10. Save and close the file. The policy file is ready to use.
11. Open the web.config file for the virtual server extended with Windows SharePoint Services and add the following tag to the SecurityPolicy element:

In the web.config file, change the tag so that it refers to the newly defined trust level.

12. Save and close the web.config file.
13. Reset IIS, such as by using iisreset, to apply the custom policy to the specified virtual server.


Ads by Google

No comments:

Post a Comment