New System.AddIn Features in March's Orcas CTP [Jesse Kaplan]

  • Article

Some of you may have noticed already but for those who haven't I'd like to announce one of the major new System.AddIn features that made it into March's Orcas CTP. We've now made it possible for hosts to activate add-ins in a seperate process with the same ease as in a seperate AppDomain. We're very excited about this feature because we weren't sure we could get it into Orcas and now that it's here and you can activate add-ins in their own processes you can use existing OS features to gain better reliability in the face of misbehaving add-ins: you can ensure that the host never crashes when the add-in does, limit the amount of memory available to each add-in process, and even lower the priority of these process to protect against CPU hogs.

 

If you go back to our very first blog post we showed you the few lines of code needed to activate each add-in in its own AppDomain:

AddInStore.Update(addinPath);

IList<AddInToken> tokens =

AddInStore.FindAddIns(typeof(AddInType), addinPath);

foreach (AddInToken token in tokens)

{

token.Activate<AddInType>(AddInSecurityLevel.Internet);

}

 

 

Well, to activate each add-in in its own process you don't even need to add a line of code:

 

AddInStore.Update(addinPath);

IList<AddInToken> tokens =

AddInStore.FindAddIns(typeof(AddInType), addinPath);

foreach (AddInToken token in tokens)

{

token.Activate<AddInType>(new AddInProcess(), AddInSecurityLevel.FullTrust);

}

It's also very easy to group add-ins in the same external process with different AppDomains:

AddInStore.Update(addinPath);

IList<AddInToken> tokens =

AddInStore.FindAddIns(typeof(AddInType), addinPath);

AddInProcess sharedProcess = new AddInProcess();

foreach (AddInToken token in tokens)

{

token.Activate<AddInType>(sharedProcess , AddInSecurityLevel.FullTrust);

}

One downside with running add-ins out-of-process is that there are a few security demands that come out of remoting and serialization that require that both the host and the add-in run in FullTrust domains. Sandboxing of AppDomain isolated add-ins is still fully supported, but process isolated ones will need full trust.

As part of this work we also refactored the System.AddIn namespace out of System.Core and into it's own assembly. If you've been playing with this you'll need change your projects a bit and add references to System.AddIn v3.5.

We'll be going into more detail on what happens when you activate both in and out of AppDomain and how we manage the lifetime of these AppDomains and processes later, but for now please play with the bits and let us know what you think.