This is a really cool concept that’s new in SharePoint 2010. I was going to take a stab at describing it… but the presentation is already starting and I think the abstract is more than adequate:

Partial Abstract

”SharePoint 2010 adds a new deployment model for SharePoint called Sandboxed Solutions. It is a controlled solution packaging format that offers SharePoint Server Farm owners a way to easily mitigate risk that custom code will cause issues for them. It does this by restricting the API’s that can be called and governing resources that can be used…”

Scott Hillier


  • Creates a balance of stability (for IT admins) and agility (for developers) when developing, implementing, and testing solutions.
  • IT admins can control which servers in the farm will be allowed to run Sandbox Solutions
  • Only access to a Certain Subset through the proxy
    • No access to enterprise class objects
  • Code Access Security Limits
    • SharePointPermission.ObjectModel
    • SecurityPermission.Execution
    • AspNetHostingPermission.Level = Minimal
  • Can create a “fully-trusted proxy” that will allow us to reach outside the boundaries
  • Sandbox solutions deployed at the Site Collection Level
    • Site Collection Admins determine which Sandbox solutions run in their site
  • From Central Admin Can
    • Block Solutions
    • Quota Templates
    • Resource Monitoring
  • When deploying from Visual Studio 2010 will have to options to deploy solutions
    • Deploy as Sandbox Solution (selected by default… hint hint.. this is the way they want us to go)
    • Deploy as Farm Solution
  • VS adds and removes the Partially Trusted Callers based on Boolean value of the project properties which specifies if this is a Sandbox solution or not.


  • Full Trust Proxy
    • Create a class that inherits from SPProxyOperationArgs
      • Class only passes arguments (Get and Set)
    • Create another class that inherits from SPProxyOperations
      • Override Execute Method
        • Your logic goes here
      • Takes in the SPProxyOperationsArgs class
    • The Full Trust Proxys must be registered on the farm via code (at least that is what he demoed… not sure if there is another way.)
    • Can execute the the full trust proxy code by calling SPUtility.ExecuteRegisteredProxyOperation from the Sand Box solution class.
  • Supports Load Balancing across specific servers on the farm
  • Can monitor and set limits on:
    • CPU, Memory, SQL, Exceptions, Critical Errors, Handles, Threads, etc..
    • Can allocate “Resource Points” to solutions that if consumed by a specific resource will not allow that solution to run for the rest of the day. (I’m sure there will be plenty of arguments over this)
Technorati Tags: , Tags: ,
digg_url = “”;digg_title = “Developing with SharePoint 2010 Sandboxed Solutions – SPC 2009 Presentation Highlights”;digg_bgcolor = “#FFFFFF”;digg_skin = “compact”;digg_url = undefined;digg_title = undefined;digg_bgcolor = undefined;digg_skin = undefined;