两极人生,八度空间

Fight for my CISSP and PMP
首页 新随笔 联系 聚合 管理
  156 Posts :: 22 Stories :: 67 Comments :: 0 Trackbacks
MOSS webpart permission configuration details

The easiest way to allow Web Parts that access the SharePoint object model to work is to change the trust level from Minimal to Medium by changing this line in the web.config at the application root of your virtual server usually c:\inetpub\wwwroot

Original line 
 <trust level="WSS_Minimal" originUrl=""/>
New Line 
 <trust level="WSS_Medium" originUrl=""/>

This actual permission required is the permission

<SecurityClass Name="SharePointPermission" Description="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=11.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"/>

One other way to grant the permissions is to create a custom config file based on the WSS_Minimal.config file.

  •   Copy the WSS_Minimal.config to a new file say WSS_Custom.config.
  •   Add this entry just after the FirstMatchCodeGroup 
    <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="FullTrust"
            Name="FlexnetConsult_Strong_Name"
            Description="This code group grants code signed with the Flexnet Consultants strong name full trust.">
            <IMembershipCondition
            class="StrongNameMembershipCondition"
            version="1"
            PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100C1025338517698CFB3FA72D28A417CC414B65928CBB67318A55A49CC6156CEC7A54880E92394E75C9BEC62FF9FC664D7FD49A307181D60EDE92A6336FE85674A87F082949326A703615D7A036D079A70CD68C19342ED929D3AA77749271158B62B4BF4BE5E7F21AE315539A2159F43A06810E84B350104B8A9404535C46A6FB8"
            />
    </CodeGroup>

    it should look like this. 

    <CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="Nothing">
            <IMembershipCondition class="AllMembershipCondition"  version="1" />
            <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="FullTrust"
            Name="FlexnetConsult_Strong_Name"
            Description="This code group grants code signed with the Flexnet Consultants strong name full trust.">
            <IMembershipCondition
            class="StrongNameMembershipCondition"
            version="1"
            PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100C1025338517698CFB3FA72D28A417CC414B65928CBB67318A55A49CC6156CEC7A54880E92394E75C9BEC62FF9FC664D7FD49A307181D60EDE92A6336FE85674A87F082949326A703615D7A036D079A70CD68C19342ED929D3AA77749271158B62B4BF4BE5E7F21AE315539A2159F43A06810E84B350104B8A9404535C46A6FB8"
            />
           </CodeGroup>
    </CodeGroup>
  •   Modify the web.config trust level line to this

    <trust level="WSS_Custom" originUrl="" />

  •   and under < system.web><securityPolicy> entry modify the trustLevel node to point to your new file

    <trustLevel name="WSS_Custom" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_custom.config" />

    Do an IISReset and the Flexnet Web Parts should now have the permissions to access the SharePoint object model.


posted on 2008-01-17 15:36 Jerome 阅读(539) 评论(0)  编辑 收藏 引用 所属分类: Website Technology
只有注册用户登录后才能发表评论。