Out of the Box, Microsoft Office SharePoint Server provides you with the ability to read data using Business Data Catalog. At BDC Metaman we have been working on a solution that will allow you to update the data in your backend systems as well as read it. BDC Metaman will help you create your Application Definition Files without writing a line of code, and now allows you to generate and deploy web parts to SharePoint that updates your backend data as well, still without writing any code.
If you are new to BDC, then have a read of my white paper introducing BDC which is available for free download from our Lightning Tools home page or on my other blog.
Previously we have looked at how to setup Code Access Security properly for our Web Parts. This process obviously requires access to the SharePoint Server. So what if, we don't have access to the Server? What if, the Web Part is a commercial web part? Do we do what most vendors do and ask customers to put the DLL of our Web Part in the GAC? Or do we ask them to set the Web.Config Trust Level to WSS_Medium or even worse Full? Or do we give them complicated instructions on how to setup Code Access Security? Well, none of these need apply! What we can do is use the manifest.xml inside our WSP to specify any additional Permission Sets we require, and we can create a Union Code group in there.
When we deploy the Web Part Solution, A Copy of the currently set CAS policy file is made, renamed, amended, and added to the Web.Config.
So here is how to do it:
- Create a WSP solution for your web part. See this link on how to create a WSP. http://msdn2.microsoft.com/EN-US/library/aa543741.aspx
- Type the following code to setup a new Permission Set in the WSP. (The following example gives our web part the same permissions as SPRestricted, but also adds the SharePointPermission with Object Model access).
<>
class="NamedPermissionSet"
version="1"
Name="LightningTools">
<>
class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Level="Minimal"
/>
<>
class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"
/>
<>
version="1"
Connections="True"
/>
<>
version="1"
ObjectModel="True"
/>
- Create the Union Code Group in order to ensure that code signed with our Public Key Blob gets the new Permission Set:
<>
Name = "LightningTools.KPIBDC"
PublicKeyBlob = "002400000480000094000000060200000024000052534131000400000100010055E1CAF1A2C193A4B6822A726B33FF2E197ACAB70E9BB7F7C03E7D9243EA82A2E67735C91F8E8E5290703C05DA6826F7186A640B42551259042F27CE55053442877B248123BA91F423E852A10F1BB625CEDD9EE43B7233780180FFB1941C8BE96D1CC22CD3E71C88C8E1DC2C93F9E6CAFE2B9DA07105A25362D8E085A33657AD"
Version = "1.0.0.0">
- Your completed manifest.xml should look like this:
< xmlns="http://schemas.microsoft.com/sharepoint/">
SolutionId="D5BF6893-8024-45c6-91A1-E35758013A03">
< Location="LightningTools.KPIBDC.dll">
DeploymentTarget="WebApplication">
< Namespace="LightningTools.KPIBDC">
TypeName="*" />
<>
class="NamedPermissionSet"
version="1"
Name="LightningTools">
<>
class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Level="Minimal"
/>
<>
class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"
/>
<>
version="1"
Connections="True"
/>
<>
version="1"
ObjectModel="True"
/>
<>
Name = "LightningTools.KPIBDC"
PublicKeyBlob = "002400000480000094000000060200000024000052534131000400000100010055E1CAF1A2C193A4B6822A726B33FF2E197ACAB70E9BB7F7C03E7D9243EA82A2E67735C91F8E8E5290703C05DA6826F7186A640B42551259042F27CE55053442877B248123BA91F423E852A10F1BB625CEDD9EE43B7233780180FFB1941C8BE96D1CC22CD3E71C88C8E1DC2C93F9E6CAFE2B9DA07105A25362D8E085A33657AD"
Version = "1.0.0.0">
Last year I created a white paper on CAS for Administrators which has proved very popular. As a follow up, please see my other blog site for CAS for SharePoint Developers. http://www.brettlonsdale.com/spblog/Lists/Posts/Post.aspx?ID=4
Brett
Thank you to everyone who attended my presentation today at Internet World. Tomorrow my presentation is on Content Types at 12:30pm, for those of you who attended today, this presentation will expand nicely on what I did today. Thursday I am doing a talk on Site Definitions, so if you want an insight into that, come along. Details can be found here: http://www.internetworld.co.uk/content-management.html
If you happen to be at Internet World over the next two days, please pop over to our stand to meet us. We are on the Microsoft stand next to Bamboo Solutions, Sword, and 'Content & Code'.