PROFILE 27 - SharePoint Web Part 'partially trusted' error
- Date: 6 November 2006
- Version(s) affected: Ants Profiler 2.6+ when used with
- Microsoft SharePoint Services 2.0
- Microsoft ASP .NET 2.0
- Windows Server 2003 (SP1 and R2)
Microsoft SharePoint Services is an ASP .NET based collaboration system for teams in an enterprise working on various projects. The functionality of SharePoint can be extended by developing custom Web Parts in Visual Studio. A Web Part is a code-based, re-usable module that can be published on a SharePoint server and made available to users of the SharePoint web site. In Visual Studio 2005, SharePoint Web Parts are classes that derive from Microsoft.SharePoint.WebPartPages.WebPart, unlike previous versions of Visual Studio, in which Web Part classes inherit System.Web.UI.WebControls.WebParts.
There are two ways to deploy web parts to a SharePoint server. The first and easiest way is to copy the compiled Web Part assemblies to the bin subfolder of the website's root folder, then editing the Web.Config file to add the Web Part as a 'SafeControl'. The web part can then be added to the gallery of web parts using the SharePoint 'Site Settings' pages so that a user can 'drag and drop' the web part onto a SharePoint page.
The second method is more or less the same as above, but rather than deploying the assembly to the bin folder, the assembly is deployed into the Global Assembly Cache. This would be the method least-preferred by administrators because it is less secure. Furthermore, it requires the code to be digitally-signed with a strong-named key.
Profiling the Web Part
In order to profile web parts using ANTS Profiler, the Web Part must be run. This is normally as easy as clicking Modify shared page and browsing for the web part in the gallery, and dropping it onto the page. If the Web Part has been deployed as a debug build, the corresponding .pdb file is present in the same directory, and the source code remains in the original build location for the web part, ANTS Profiler will analyze the performance or memory profile when ANTS is running and configured to profile an ASP .NET Web Application.
The exception message and workaround
The above method works falwlessly on SharePoint sites running on ASP .NET 1.1, however, upgrading the SharePoint site to ASP .NET 2.0 causes additional security to take effect that affect the operation of ANTS Profiler. If the Web Part assembly is deployed into the bin folder, the web application will now log That assembly does not allow partially trusted callers. in the application event log while profiling. This does not happen on the SharePoint website normally. In order to bypass this security restriction, the Web Part assembly needs to be placed into the Global Assembly Cache.
Deploying the Web Part to the GAC
First, open the GAC by going to Start->Run and typing in %systemroot%\Assembly. Open a second instance of Windows Explorer and navigate to the bin folder of the default website (c:\inetpub\wwwroot\bin). Drag and drop your assembly into the assembly folder from the Bin folder. This will automatically register the assembly into the GAC. There is also a command-line utility called GACUTIL.exe for this purpose.
In order for ANTS Profiler to work correctly (provide line-level timings, filter methods), the .pdb file needs to be deployed into the GAC as well. This job is not as straightforward as dropping the file into the assembly folder: the file needs to be copied manually using the command prompt. To do this, follow these steps:
- Right-click your assembly in the assembly folder and select properties.
- Make a note of the Version and the Public Key Token
- Open a command prompt
- (provided you are on the system drive) cd \
- cd %systemroot%\Assembly\GAC_MSIL\<your assembly name without '.dll'>
- cd <version__public key token>
- copy c:\inetpub\wwwroot\bin\<your assembly file name>.pdb