关于SharePoint代码安全访问的问题先阅读这篇文章,本文讲述如何为自己的Webpart程序集赋予完全信任级别的运行权限.
1 按照通常做法,将wss_mediumtrust.config另存为xqyi_full.config
2 在xqyi_full.config定位到NamedPermissionSets一节的最后加上以下子节:
<PermissionSet
class="NamedPermissionSet"
version="1"
Unrestricted="true"
Name="XqyiSPSPermission"
Description="Allows full access to Xqyi's assemblies "
/>
class="NamedPermissionSet"
version="1"
Unrestricted="true"
Name="XqyiSPSPermission"
Description="Allows full access to Xqyi's assemblies "
/>
3 在Xqyi_full.config文件中定位到class=FirstMatchCodeGroup的CodeGroup节点,紧跟其后添加以下节点:
<CodeGroup
class="UnionCodeGroup"
version="1"
PermissionSetName="XqyiSPSPermission">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="$AppDirUrl$/bin/Xqyi.SharePoint.Webpart.dll"
/>
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="$AppDirUrl$/bin/Xqyi.SharePoint.Extend.dll"
/>
</CodeGroup>
class="UnionCodeGroup"
version="1"
PermissionSetName="XqyiSPSPermission">
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="$AppDirUrl$/bin/Xqyi.SharePoint.Webpart.dll"
/>
<IMembershipCondition
class="UrlMembershipCondition"
version="1"
Url="$AppDirUrl$/bin/Xqyi.SharePoint.Extend.dll"
/>
</CodeGroup>
注意此处我申明了两个DLL程序集,在实际运行环境中Webpart程序集牵涉到的程序集都需要在此申明
4 保存Xqyi_full.config文件
5 打开SPS站点下的Web.config,定位到securityPolicy节点,添加以下申明:
<securityPolicy>
<trustLevel name="Xqyi_full" policyFile="D:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\config\xqyi_full.config" />
</securityPolicy>
<trustLevel name="Xqyi_full" policyFile="D:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\config\xqyi_full.config" />
</securityPolicy>
6 定位到Web.config中的trust节点,将level属性设置为xqyi_full,如下:
<trust level="Xqyi_full" originUrl="" />
7 重新启动IIS以上修改生效
完成后自己编写的程序集在Web站点拥有完全信任级别,完整的权限策略文件示例这里下载