Contents
- Introduction to Code Access Security and SharePoint
- What Is Identity Security?
- What Is Code Access Security?
- Link Demands and Allowing Partially Trusted Callers
- Understanding the Components of CAS in ASP.NET
- Why CAS Is Important to SharePoint Administrators
- Why CAS Is Important to SharePoint Developers
- Working with CAS in SharePoint
- Best Practices for Managing CAS in SharePoint
- Real-World SharePoint and CAS Walkthrough
Code access security (CAS) was introduced in the first version of the Microsoft .NET Framework. However, many developers using the .NET Framework have not needed to address the details of how CAS worked in most custom applications and so could simply ignore CAS. The story is different for SharePoint developers. Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 make significant use of CAS for protection from malicious or dangerous code. All SharePoint developers should have a working knowledge of CAS so that they can identify and resolve security issues. All SharePoint administrators should have a working knowledge of CAS so that they can secure and manage their SharePoint servers and understand the implications of changing a Web application’s trust level for third-party components.
This article provides a brief introduction to CAS, and explains why CAS is important to both SharePoint administrators and developers. It also explains how SharePoint uses CAS, describes the different options available to developers and administrators to manage CAS, and walks through the process of identifying and modifying CAS for a sample application.