SharePoint 2010 define a way of packaging called sandbox because old way of packaging is not suitable for shared environment. If there is a problem of package it will effect the environment. But new packaging technique will effect only sandbox's modules was deployed in this site collection.
Components of the sandbox:
- User Code Service (SPUCHostService.exe). This is responsible for creating the sandbox worker processes that execute individual sandboxed solutions and for allocating requests to these processes.
- Sandbox Worker Process (SPUCWorkerProcess.exe). This is the process in which any custom code in your sandboxed solution executes.
- Sandbox Worker Process Proxy (SPUCWorkerProcessProxy.exe). This provides a full-trust environment that hosts the SharePoint API. This enables sandboxed solutions to make calls into the subset of the SharePoint object model that is accessible to sandboxed solutions.
But Sandbox has many limitations:
- You can use most of SharePoint API but you can only use current site collection. All you information must be saved in current site.
- No Security Elevation (You cannot impersonate). You can only run with current logged in user. You must give a user actual permission to access SharePoint item.
- No Email Support (You cannot send email). Only workaround start workflow with activity to send the mail but take care of needed permission to start workflow.
- You cannot use SharePoint Web Controls.(You can use asp net controls instead of it).
- You cannot do WebRequest connections,(http, web services, wcf, and etc). To access those use through javascript or silverlight.
- No GAC Deployment (Sandbox solutions are not stored in File System, they are stored in the database) C:\ProgramData\Microsoft\SharePoint\UCCache temporary for global assembly cache.
- Enterprise features (Search, BCS, etc.) are not allowed.
- CAS does not allow you to access database. All data storage in SharePoint List.
- CAS does not allow you access IO:
- Global folders like “_layout” & “resources” are not authorized. To use resource file embed it in the dlls.
- No Visual Webparts
- No Custom workflow
- Allow features depend on physical files are not allowed.
- No Threading.
- No P-Invoke
- Sandbox work in separate domain and initialize new page serialize some information to communicate with w3wp.exe.
Serialized Information which can use in sandbox:- ID's of Form, Web Part Manager, Zone, Toolpane
- Web Part properties
- Options and properties of the Web Part and zone, such as chrome, zone customization, width, height...
- View state
- Control state
- Server Variables (except APPL_PHYSICAL_PATH and PATH_TRANSLATED)
- Request Headers
- Input Stream
- Current context (List Id, Item Id)
- Query String
Serialized Information which can use in sandbox: - The Cache object
- Cookie
- The ScriptManager or callback
- The ClientScriptManager
- The HttpRequest.Files collection (work with limited size to 128KB
- The Master Page
- Embedded resources (these are requested by the WebResource.axd and they cannot resolve the Sandboxed assemblies from the W3WP.exe process)
- You cannot use redirection (Response.Redirect, Server.Transfer or SPUtility.Redirect)
- You cannot export a Sandboxed Web Part (it will just export the SPUserCodeWebPart)
Also you cannot access page object (you cannot control hide or show controls in page like HideCustomAction and CustomActionGroup)
- PropertyBags of SharePoint Object model are not accessible
- ASP.NET 2.0 web controls are not fully working (those that are using “WebResource.axd” for internal binaries resources, as .axd extension is not allowed). Instead of embed them upload to SharePoint and refer to them as external resources.
- Also Sandbox limited number of resources used and deactivate sandbox solution if they reached limited number of resources. limitation depend in number of point limitation by administrator and calculated as this table:
Metric Name | Description | Units | Resources Per Point | Hard Limit |
AbnormalProcessTerminationCount | Process gets abnormally terminated | Count | 1 | 1 |
CPUExecutionTime | CPU exception time | Seconds | 200 | 60 |
CriticalExceptionCount | Critical exception fired | Number | 10 | 3 |
InvocationCount | Number of times solution
has been invoked | Count | N/A | N/A |
PercentProcessorTime | Note: # of cores not factored in | Percentage Units of Overall Processor Consumed | 85 | 100 |
ProcessCPUCycles | | CPU Cycles | 1E+11 | 1E+11 |
ProcessHandleCount | | Windows Handles | 10,000 | 5,000 |
ProcessIOBytes | (Hard Limit Only) Bytes written
to IO | Bytes | 1E+07 | 1E+08 |
ProcessThreadCount | Number of Threads
in Overall Process | Threads | 10,000 | 200 |
ProcessVirtualBytes | (Hard Limit Only)
Memory consumed | Bytes | 1E+09 | 4E+09 |
SharePointDatabaseQueryCount | SharePoint DB Queries Invoked | Number | 400 | 100 |
SharePointDatabaseQueryTime | Amount of time spent waiting
for a query to be performed | Seconds | 20 | 60 |
UnhandledExceptionCount | Unhanded Exceptions | | 50 | 3 |
UnresponsiveprocessCount | We have to kill the process because it has become unresponsive | Number | 2 | 1 |
For more details check URL:
http://msn.microsoft.com/en-us/library/ff798382.aspx