in

Dot Net Mafia

Group site for developer blogs dealing with (usually) Ionic, .NET, SharePoint, Office 365, Mobile Development, and other Microsoft products, as well as some discussion of general programming related concepts.

This Blog

Syndication

Archives

Corey Roth [MVP]

A SharePoint MVP bringing you the latest time saving tips for Ionic, SharePoint, and Office 365.

New level of trust in SharePoint 2013 Preview

When it comes to development, the introduction of the application model overshadows many of the other new things happening in SharePoint 2013 development.  I noticed one particular change as I was working on a new slide deck regarding the change to the default trust level of a web application.  In SharePoint 2007 and SharePoint 2010, the Trust element was set to a value of WSS_Minimal.  Effectively what this did was it meant that any DLL deployed to the web application bin folder was untrusted.  This meant your code had to either run in the GAC (giving it full trust) or you had to specify Code Access Security (CAS) policies to enable partial trust.  CAS policies were quite complicated and most SharePoint developers did not know how to implement them.  However, in the 2007 days I was a big fan of them and got many developers started with this blog post and later with this post for SharePoint 2010.

In SharePoint 2013 Preview, this changes.  The trust level is now set to Full. 

  </providers>

</siteMap>

<trust level="Full" originUrl="" legacyCasModel="true" />

<webParts>

  <transformers>

According to the very little information I have found on the topic this is due to the fact that .NET 4.0 has a new CAS model.  The legacyCasModel attribute is set to true to enable previously written code with CAS policies to still function.  What this means is that code can now be deployed to the bin folder (which is faster) and it will have the same permissions as if deployed to the GAC.  Now what this means from a security stand point is up for debate I am sure.  However when Visual Studio 2010 came out everyone started deploying to the GAC any ways since it was just so much easier.  In reality, it probably doesn’t affect things much in the scheme of things.  Of course if you are developing sandboxed solutions or for the new app model this makes little difference to you.  I still thought it was an interesting change.

Comments

 

SpharePoint 2013 Bin Deployment Trust Level « Sladescross's Blog said:

Pingback from  SpharePoint 2013 Bin Deployment Trust Level &laquo; Sladescross&#039;s Blog

August 13, 2012 5:44 AM
 

SharePoint Daily » Blog Archive » SharePoint Upgrade Headache; Transitioning to Cloud Computing; Microsoft Building 3 Million Surface Tablets said:

Pingback from  SharePoint Daily  &raquo; Blog Archive   &raquo; SharePoint Upgrade Headache; Transitioning to Cloud Computing; Microsoft Building 3 Million Surface Tablets

August 20, 2012 7:39 AM
 

SharePoint Daily said:

As it turns out, 5 days last week wasn&#39;t enough. - Dooley Top News Stories The SharePoint Upgrade

August 20, 2012 7:48 AM
 

Bob said:

I have noticed that because of this change any MVC 4 applications that are hosted as a sub applications under the SharePoint 2013 iis application now throw an error:  “Dynamic operations can only be performed in homogenous AppDomain” when trying to access the ViewBag.  Is there any way to fix this?

August 29, 2012 7:48 PM
 

Integrating Facebook into SharePoint « SPMatt said:

Pingback from  Integrating Facebook into SharePoint &laquo; SPMatt

February 1, 2013 6:22 AM
 

SharePoint Upgrade Headache; Transitioning to Cloud Computing; Microsoft Building 3 Million Surface Tablets – Bamboo Solutions said:

Pingback from  SharePoint Upgrade Headache; Transitioning to Cloud Computing; Microsoft Building 3 Million Surface Tablets &#8211; Bamboo Solutions

June 6, 2016 2:45 AM

Leave a Comment

(required)  
(optional)
(required)  
Add

About CoreyRoth

Corey Roth is an independent SharePoint consultant specializing in ECM, Apps, and Search.
2018 dotnetmafia.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems