Saturday, March 3, 2012

SharePoint 2010 Sandboxed limitation

SharePoint 2010 define a way of packaging called sandbox because old way of packaging is not suitable for shared environment. If there is a problem of package it will effect the environment. But new packaging technique will effect only sandbox's modules was deployed in this site collection.
Components of the sandbox:
  • User Code Service (SPUCHostService.exe). This is responsible for creating the sandbox worker processes that execute individual sandboxed solutions and for allocating requests to these processes.
  • Sandbox Worker Process (SPUCWorkerProcess.exe). This is the process in which any custom code in your sandboxed solution executes.
  • Sandbox Worker Process Proxy (SPUCWorkerProcessProxy.exe). This provides a full-trust environment that hosts the SharePoint API. This enables sandboxed solutions to make calls into the subset of the SharePoint object model that is accessible to sandboxed solutions.

But Sandbox has many limitations:

  1. You can use most of SharePoint API but you can only use current site collection. All you information must be saved in current site.
  2. No Security Elevation (You cannot impersonate). You can only run with current logged in user. You must give a user actual permission to access SharePoint item.
  3. No Email Support (You cannot send email). Only workaround start workflow with activity to send the mail but take care of needed permission to start workflow.
  4. You cannot use SharePoint Web Controls.(You can use asp net controls instead of it).
  5. You cannot do WebRequest connections,(http, web services, wcf, and etc). To access those use through javascript or silverlight.
  6. No GAC Deployment (Sandbox solutions are not stored in File System, they are stored in the database) C:\ProgramData\Microsoft\SharePoint\UCCache temporary for global assembly cache.
  7. Enterprise features (Search, BCS, etc.) are not allowed.
  8. CAS does not allow you to access database. All data storage in SharePoint List.
  9. CAS does not allow you access IO:
    • Global folders like “_layout” & “resources” are not authorized. To use resource file embed it in the dlls.
    • No Visual Webparts
    • No Custom workflow
    • Allow features depend on physical files are not allowed.
  10. No Threading.
  11. No P-Invoke
  12. Sandbox work in separate domain and initialize new page serialize some information to communicate with w3wp.exe.
    Serialized Information which can use in sandbox:
    • ID's of Form, Web Part Manager, Zone, Toolpane
    • Web Part properties
    • Options and properties of the Web Part and zone, such as chrome, zone customization, width, height...
    • View state
    • Control state
    • Server Variables (except APPL_PHYSICAL_PATH and PATH_TRANSLATED)
    • Request Headers
    • Input Stream
    • Current context (List Id, Item Id)
    • Query String

    Serialized Information which can use in sandbox:
    • The Cache object
    • Cookie
    • The ScriptManager or callback
    • The ClientScriptManager
    • The HttpRequest.Files collection (work with limited size to 128KB
    • The Master Page
    • Embedded resources (these are requested by the WebResource.axd and they cannot resolve the Sandboxed assemblies from the W3WP.exe process)
    • You cannot use redirection (Response.Redirect, Server.Transfer or SPUtility.Redirect)
    • You cannot export a Sandboxed Web Part (it will just export the SPUserCodeWebPart)
      • Also you cannot access page object (you cannot control hide or show controls in page like HideCustomAction and CustomActionGroup)
  13. PropertyBags of SharePoint Object model are not accessible
  14. ASP.NET 2.0 web controls are not fully working (those that are using “WebResource.axd” for internal binaries resources, as .axd extension is not allowed). Instead of embed them upload to SharePoint and refer to them as external resources.
  15. Also Sandbox limited number of resources used and deactivate sandbox solution if they reached limited number of resources. limitation depend in number of point limitation by administrator and calculated as this table:


    Metric Name
    Description
    Units
    Resources Per Point
    Hard Limit

    AbnormalProcessTerminationCount
    Process gets abnormally terminated
    Count
    1
    1

    CPUExecutionTime
    CPU exception time
    Seconds
    200
    60

    CriticalExceptionCount
    Critical exception fired
    Number
    10
    3

    InvocationCount
    Number of times solution


    has been invoked
    Count
    N/A
    N/A

    PercentProcessorTime
    Note: # of cores not factored in
    Percentage Units of Overall Processor Consumed
    85
    100

    ProcessCPUCycles


    CPU Cycles
    1E+11
    1E+11

    ProcessHandleCount


    Windows Handles
    10,000
    5,000

    ProcessIOBytes
    (Hard Limit Only) Bytes written


    to IO
    Bytes
    1E+07
    1E+08

    ProcessThreadCount
    Number of Threads


    in Overall Process
    Threads
    10,000
    200

    ProcessVirtualBytes
    (Hard Limit Only)


    Memory consumed
    Bytes
    1E+09
    4E+09

    SharePointDatabaseQueryCount
    SharePoint DB Queries Invoked
    Number
    400
    100

    SharePointDatabaseQueryTime
    Amount of time spent waiting


    for a query to be performed
    Seconds
    20
    60

    UnhandledExceptionCount
    Unhanded Exceptions


    50
    3

    UnresponsiveprocessCount
    We have to kill the process because it has become unresponsive
    Number
    2
    1

    For more details check URL:
    http://msn.microsoft.com/en-us/library/ff798382.aspx


Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)