Configuring URLMembershipCondition for individual assemblies and the $AppDirUrl$/bin/ path for WSS solution.
In a previous post I described how to configure CAS within WSS solution. At the time I used a membership condition based on the key blob. This works fine for signed assemblies and allows us to create one permission set for a group of assemblies. In our deployment however we decided to remove the assembly signatures, since this interferes with other projects. Trying to find out what other conditions we can define I used the name of the assembly only, so that the CAS section in the manifest.xml file looked like this:
<PermissionSet class="NamedPermissionSet" Name="MyPermissions" version="1">
This works and in the custom configuration file it translates to:
<CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="solution.wsp-1c4cffbe-f1ed-428e-afde-c82d59516da7-1">
<IMembershipCondition version="1" Name="myassembly" class="UrlMembershipCondition" Url="$AppDirUrl$/bin/myassembly.dll" />
This is great, but there is still a lot of typing to create and maintain permission set for each assembly. I wish there was an option to define UrlMembershipCondition for group of assemblies in the $AppDirUrl$/bin/* path. So I created the permission set for the assembly "*" and the result was this membership condition:
<IMembershipCondition version="1" Name="*" class="UrlMembershipCondition" Url="$AppDirUrl$/bin/*.dll" />
Looks like it will work fine? Unfortunately the config file parser complains about the *.dll part of the URL attribute, so no luck here either.
I guess, I am going back to defining individual permission sets for each assembly.