torontoug.net event on SharePoint development at the Mississauga Conv. Ctr. on 17th June, 2008

Search: Go

Home

About

User Group Events

Other Events

News

Downloads

Discussions

General Discussions

Event Discussions

Job Board

ASP.NET

VB.NET

CSharp

Study Group

Do you want to sponsor an Event?
Contact the .NET User Group at sponsors@torontoug.net

Online:

There are currently:
64 Guests.

0 of 6,455 Members.

Hosting
provided by

Home > Discussions > Event Discussions

Notify me of new comments

Author

Thread: torontoug.net event on SharePoint development at the Mississauga Conv. Ctr. on 17th June, 2008

jibey

torontoug.net event on SharePoint development at the Mississauga Conv. Ctr. on 17th June, 2008
Posted: Wednesday, June 18, 2008 2:32 PM (EST)

I was at this event yesterday.

My first question/comment during this event was that SharePoint fully trusts everything deployed to the GAC. And Ed says its possible to lock that down. Well, the point is if you use CAS to lock down your DLLs deployed to the GAC, you'll have to develop a lot of CAS functionality. I doubt if its possible to get that right, since there's all kinds of combinations. There's a principle called “running with least privileges”. You should deploy your DLLs to your Web Application's bin directory, and use CAS to grant it just the privileges it needs to execute. You should also grant the least minimun trust level in your web.config. But before I could argue any of these points, Ed cut off all questions. Ted Pattison recommends this kind of a security architecture for SharePoint applications in his book.

I used a technique developed by someone named Andrew Cornell in his blog on the Web to use code behind with my SharePoint page templates for a project to build a MOSS 2007 publishing portal back in Dec, 2007/Jan, 2008. So, the code behind technique with DDFs, building CABs using the CAB SDK, etc. were nothing new to me. I found the revelation about the existence of STSDEV valuable, though.

About WebParts: I still think the code behind technique is more convenient over bundling code in Web Parts to get anything to execute in SharePoint. Most of the time, you don't need a Web Part. When you do use them, you have to build multilane connections between them to get them to talk to each other. With code behind, you're just using the familiar ASP.NET programming model.

I archtect and develop MOSS 2007 solutions. If you pay me, and give me enough privileges on your network, I can build your Active Directory OUs, build Windows Servers and plug them into those OUs, roll out MOSS 2007/WSS and SQL Server on those Windows Servers, and build SharePoint applications that run on those Windows Servers. I prefer Windows Server 2008. If your implementation is large and need to scale, I can even distribute the SharePoint content databases by partitioning them and deploying them over a SQL Server federated cluster. I would also need a hardware person to run all the wires, a CSS developer to develop the Web UI artifacts and a business analyst that knows the logic of the application I'm expected to build.

Thanks.