Intro Apps
News

joris.poelmans@biwug.be
About me
Voting System
Apps, what is the difference... a story
> Speaker: Andy Van Steenbergen

The Consumerization of the Intranet...
Trends impacting the way we work
i

1 billion

For the first time in
modern history, workplace
demographics now span

50%
...
Requirements
i

Mobile

An intuitive service that
doesn’t require extensive
training or adoption.

A solution designed wit...
Voting steps
Take your mobile
phone out of your
pockets.

1

Turn the screen
of you mobile
phone on.

2

Face the screen
t...
BaseLine: Are you ready?
Take your mobile
phone out of your
pockets.

1

Turn the screen
of you mobile
phone on.

2

Face ...
Agenda
Agenda
Agenda
Agenda
Question: App Shapes (screen or noscreen)
Take your mobile
phone out of your
pockets.

1

Turn the screen
of you mobile
ph...
App UI components
App UI components
App UI components
App UI components
App UI components
App UI components
Client APIs

Server APIs

SharePoint
& Exchange

Office

Client

Server

3rd Party Services

Browser Host

APP

Web Server...
The isolated domain
http://intranet.contoso.com/sites/Biwug /Poll

http://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/P...
Infrastructure configuration
Determine App domain
• http://app-bdf2016ea7dacb.contosoapps.com/sites/SPC/Scheduler

Configu...
SharePoint farm configuration
Service applications

SharePoint App
settings

• Subscription Settings
• App Management

•
•...
Additional Considerations (on prem)
Apps do not support Kerberos (ntml instead)
Special requirements for SAML authenticati...
Routing Web application
https://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/Poll

NLB
192.168.1.2

*.contosoapps.com
= ...
The new cloud app model
Build a new class of apps that extend and personalize the way we create
and consume information ri...
App Hosting
SharePoint
Web

Your Hosted
Site

SharePoint
Web

Azure

Host
web
App Web
(from WSP)
Client side technologies ...
Agenda
Agenda
Anatomy of a SharePoint Hosted app
Manifest
Code
JS CSS HTML ASPX
Reasons to use SharePoint hosted
apps

SYMMETRIC
IN OFFICE 365
AND ON-PREM

AUTHENTICATION
IS AUTOMATIC

INHERENT
MULTI-TE...
SharePoint component isolation
1 app installation = 1 “app web”
App webs are isolated in their own domain:
Host
https://co...
Available app web components

• Lists
• Libraries
• WebProxy
• App scoped BDC
models
• App scoped ECTs

• JavaScript
• Wor...
App Hosting
SharePoint
Web

Your Hosted
Site

SharePoint
Web

Azure

Host
web
App Web
(from WSP)
Client side technologies ...
Anatomy of a Provider Hosted app
Manifest
App Hosting
SharePoint
Web

Your Hosted
Site

SharePoint
Web

Azure

Host
web
App Web
(from WSP)
Client side technologies ...
Anatomy of an Autohosted app
Manifest
Artifacts
SharePoint Pages

App Web Pages
App Lifecycle (autohosted)
Tenant A

Tenant B
App Lifecycle (Provider)
From Developer to End User
Office and SharePoint

Dev center
submission

Office Store

TRIAL/
PURCHASE

Integrated
Office
...
Recap: Anatomy of an app for SharePoint
Manifest
Code
App Content

SharePoint
Hosted
SharePoint Hosted Package
Recap: Anatomy of an app for SharePoint
Manifest
Artifacts
SharePoint Pages

App Web Pages
Provider-Hosted Package
Recap: Anatomy of an app for SharePoint
Manifest
Artifacts
SharePoint Pages

Auto-Hosted

App Web Pages
Auto Hosted Package
Granting SharePoint App Permissions
Permissions are granted when an App for SharePoint is
installed on a SharePoint server...
App permissions
App permission
request scopes
•
•
•
•
•
•
•
•

Tenancy
SPSite
SPWeb
SPList
BCS
Search
Workflow
Taxonomy

A...
App Authorization Policy flow
Full security list
• SharePoint (full control)
•
•
•
•

Site collection
Website
List
tenancy

• Other SP Features
• BCS (r...
Question
<AppPermissionRequest
Scope="http://sharepoint/content/sitecollection/web/list"
Right="Manage"
/>
Question: App Shapes (screen or noscreen)
Take your mobile
phone out of your
pockets.

1

Turn the screen
of you mobile
ph...
Answer
<AppPermissionRequest
Scope="http://sharepoint/content/sitecollection/web/list"
Right="Manage" >
<!-- add filter pr...
Configure Apps authentication trust
Autohosted Apps
ACS

Provider-hosted Apps
ACS
S2S Trust
OAuth enables users to approve an
application to act on their behalf
without sharing their user name and
password.
Understanding where Oauth fits
• Oauth is primarily used for external app authentication in

the Office 365 environment.
•...
OAuth for cloud-hosted Apps
7 – Access token

2 – Request
context token

3 – Signed
context token

6 – Access
token
reques...
OAuth Flow

ACS
Server

SharePoint
Server

Hosting
Server

Web Browser
ACS
Server

Hosting
Server

Web Browser

SharePoint
Server
ACS
Server
https://mySPSite.sharepo

1
Hosting
Server

Web Browser

SharePoint
Server

1) User browses to a
SharePoint pag...
ACS
Server
https://mySPSite.sharepo

2
1
Hosting
Server

Web Browser

SharePoint
Server

2) SharePoint asks ACS to
create ...
ACS
Server
https://mySPSite.sharepo

3

2
1

Hosting
Server

Web Browser

SharePoint
Server

3) ACS returns the signed
con...
ACS
Server
https://mySPSite.sharepo

Developer Site

3

2
1

4

Hosting
Server

Web Browser

SharePoint
Server

POST https...
ACS
Server
https://mySPSite.sharepo

Developer Site

3

2
1

4

Hosting
Server

Web Browser

5
SharePoint
Server

5) The I...
ACS
Server
https://mySPSite.sharepo

Developer Site

6
3

2
1

4

Hosting
Server

Web Browser

5
SharePoint
Server

6) Clo...
ACS
Server
https://mySPSite.sharepo

Developer Site

7
6
3

2
1

4

Hosting
Server

Web Browser

5
SharePoint
Server

7) A...
ACS
Server
https://mySPSite.sharepo

Developer Site

7
6
3

2
1

8

4
Web Browser

Hosting
Server

5
SharePoint
Server

8)...
ACS
Server
https://mySPSite.sharepo

Developer Site

7
6
3

2
1

8

4

9

Web Browser

Hosting
Server

5
SharePoint
Server...
ACS
Server
https://mySPSite.sharepo

Developer Site

7
6
3

2
1

8

4

9

Web Browser

Hosting
Server

5
SharePoint
Server...
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
App lifecycle management
Installing an App

Manage licensing

Upgrading an App

Backup and restore

Uninstalling an App
Monitoring and logging
Monitoring in Central
Admin

• App usage/Error details
• Timer Jobs

Monitoring in Site
Collections...
Napa and Visual Studio
• Napa is complementary to Visual Studio
• Get started in Napa, continue in Visual Studio

• Made i...
Napa is an app for SharePoint

JS CSS HTML ASPX

App for Office
JSOM & REST (example)
JavaScript object model
var ctx = new SP.ClientContext("http://contosoappUID.spo.com/site/app");
ctx...
Agenda
Agenda
In SharePoint 2013… Improvement++
Take Away
• Javascript / Jquery , CSOM & REST are getting important
• Clientside (high trust) vs Serverside (full trust)
•...
References
• SPC Slide decks:
•

Understanding and Maintaining SharePoint Apps for IT Pros
•

•

SharePoint hosted apps
•
...
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Intro apps
Upcoming SlideShare
Loading in...5
×

Intro apps

609

Published on

Biwug slideDesk first session 26/11/2013
This session is about an intro into the Apps model. There is much more to think about than just select what kind of type of app that you want to create.

Published in: Technology, Design
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
609
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
29
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • If you have slides that you want to share =&gt; let us know!
  • 101 likes = we made it
  • Twitter
  • In the sessions tonight, we will introduce a new voting system.
  • We required a voting system inline with the trend that impact the way we work.
  • The requirements: mobile, easy, and hybrid.&gt;Investment:32.000€ (average of 400€ per participant of this session)
  • Thanks to all our sponsors - namely “you” - we’ve managed to pull it off!Thevoting procedure is quite simple: 3 steps.&gt; The unstructured results will be published on Twitter.
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”&lt;Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.&gt;
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”&lt;Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.&gt;
  • No subwebbut isolated domainAzure / Provider hosted is different url , this is for SP hosted appsIsolation = same origin policy = JS cannot execute outside of the domain it’s running in. other domain = browser will throw access denied error Javascript can only execute within the app web App prefix = can be changed but only 1 Host web =
  • Service principle names for Kerberos need to be configured, this needs to be done per app webNtml is used in steadSAML – requirement , Identity provider must support wildcard return url registration. ADFS 2.0 doesn’t support thisMultiple urls needed? Host header site collections , uses only the default zone
  • ECT = external content types
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”&lt;Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.&gt;
  • Provider hosted – ACS – an O365 subscription is needed to use Azure to broker the request
  • STS = sign token service
  • Intro apps

    1. 1. Intro Apps
    2. 2. News joris.poelmans@biwug.be
    3. 3. About me
    4. 4. Voting System Apps, what is the difference... a story > Speaker: Andy Van Steenbergen The Consumerization of the Intranet… > Speaker: Peter van Hees
    5. 5. Trends impacting the way we work i 1 billion For the first time in modern history, workplace demographics now span 50% smartphones, 4 years ahead of predictions 3 of enterprise customers are “on the road” to cloud generations
    6. 6. Requirements i Mobile An intuitive service that doesn’t require extensive training or adoption. A solution designed with a mobile first mindset. Easy Hybri d A solution with a physical on premise component combined with a cloud service.
    7. 7. Voting steps Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the presenter. 3 * The unstructured results will be posted tonight on Twitter.
    8. 8. BaseLine: Are you ready? Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    9. 9. Agenda
    10. 10. Agenda
    11. 11. Agenda
    12. 12. Agenda
    13. 13. Question: App Shapes (screen or noscreen) Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    14. 14. App UI components
    15. 15. App UI components
    16. 16. App UI components
    17. 17. App UI components
    18. 18. App UI components
    19. 19. App UI components
    20. 20. Client APIs Server APIs SharePoint & Exchange Office Client Server 3rd Party Services Browser Host APP Web Server Host Other Devices & Clients Common App Architecture
    21. 21. The isolated domain http://intranet.contoso.com/sites/Biwug /Poll http://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/Poll App prefix (tenant) App domain App ID App name Host web
    22. 22. Infrastructure configuration Determine App domain • http://app-bdf2016ea7dacb.contosoapps.com/sites/SPC/Scheduler Configure domain names in DNS • http://app-bdf2016ea7dacb.contosoapps.com/sites/SPC/Scheduler • *.contosoapps.com (wildcard is preferred) Create a new wildcard SSL certificate (access token is transmitted in plaintext)
    23. 23. SharePoint farm configuration Service applications SharePoint App settings • Subscription Settings • App Management • • • • App URLs (App prefix and App domain) App Catalog Store Settings App Denied endpoints
    24. 24. Additional Considerations (on prem) Apps do not support Kerberos (ntml instead) Special requirements for SAML authentication Apps do not support multiple zones A routing Web application may be needed
    25. 25. Routing Web application https://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/Poll NLB 192.168.1.2 *.contosoapps.com = 192.168.1.2 DNS Farm
    26. 26. The new cloud app model Build a new class of apps that extend and personalize the way we create and consume information right from within Office and SharePoint New Apps A new class of apps enabling new scenarios and new user experiences Familiar Toolsets Embracing Web standards to provide developers choice and flexibility Flexible Lifecycle Deploy and maintain your apps publically on the new Office Store, or internally with Flexibility and control
    27. 27. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    28. 28. Agenda
    29. 29. Agenda
    30. 30. Anatomy of a SharePoint Hosted app Manifest Code JS CSS HTML ASPX
    31. 31. Reasons to use SharePoint hosted apps SYMMETRIC IN OFFICE 365 AND ON-PREM AUTHENTICATION IS AUTOMATIC INHERENT MULTI-TENANCY & ISOLATION NO ADDITIONAL COST NO NEED FOR ADDITIONAL INFRASTRUCTURE
    32. 32. SharePoint component isolation 1 app installation = 1 “app web” App webs are isolated in their own domain: Host https://contoso.sharepoint.com/site web / App web https://contosoappUID.sharepoint.com/site/app/ Leverages web browser same-origin policy for script isolation
    33. 33. Available app web components • Lists • Libraries • WebProxy • App scoped BDC models • App scoped ECTs • JavaScript • Workflows • Custom Actions • Declarative Pages • CSS files • Custom Actions • OOB Web Parts
    34. 34. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    35. 35. Anatomy of a Provider Hosted app Manifest
    36. 36. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    37. 37. Anatomy of an Autohosted app Manifest Artifacts SharePoint Pages App Web Pages
    38. 38. App Lifecycle (autohosted) Tenant A Tenant B
    39. 39. App Lifecycle (Provider)
    40. 40. From Developer to End User Office and SharePoint Dev center submission Office Store TRIAL/ PURCHASE Integrated Office Store TRIAL/ PURCHASE Developer Direct SharePoint App Catalog Vendor/ IT projects IT admin End users
    41. 41. Recap: Anatomy of an app for SharePoint Manifest Code App Content SharePoint Hosted
    42. 42. SharePoint Hosted Package
    43. 43. Recap: Anatomy of an app for SharePoint Manifest Artifacts SharePoint Pages App Web Pages
    44. 44. Provider-Hosted Package
    45. 45. Recap: Anatomy of an app for SharePoint Manifest Artifacts SharePoint Pages Auto-Hosted App Web Pages
    46. 46. Auto Hosted Package
    47. 47. Granting SharePoint App Permissions Permissions are granted when an App for SharePoint is installed on a SharePoint server. App permission name SharePoint permission name Read Reader Write Contributor Manage Designer FullControl Full Control All or nothing
    48. 48. App permissions App permission request scopes • • • • • • • • Tenancy SPSite SPWeb SPList BCS Search Workflow Taxonomy App permission rights • • • • Read Write Manage Full control App authorization policies • User and app policy • App-only policy • User-only policy
    49. 49. App Authorization Policy flow
    50. 50. Full security list • SharePoint (full control) • • • • Site collection Website List tenancy • Other SP Features • BCS (read) • Search (QueryAsUserIgnoreAppPrinciple) • Taxonomy (R/W) • Other SP Features – Social (full control) • Tenant • Core • MicroFeed • Project (full control) • • • • • • • Project server (manage) Projects (R/W) Project (R/W) EnterpriseResources (R/W) Statusing (submitstatus) Reporting (R) Workflow (elevate)
    51. 51. Question <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Manage" />
    52. 52. Question: App Shapes (screen or noscreen) Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    53. 53. Answer <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Manage" > <!-- add filter property to permission request --> <Property Name="BaseTemplateId" Value="101" /> </AppPermissionRequest>
    54. 54. Configure Apps authentication trust Autohosted Apps ACS Provider-hosted Apps ACS S2S Trust
    55. 55. OAuth enables users to approve an application to act on their behalf without sharing their user name and password.
    56. 56. Understanding where Oauth fits • Oauth is primarily used for external app authentication in the Office 365 environment. • Server2Server authentication is used for external app authentication in on-premises farms.
    57. 57. OAuth for cloud-hosted Apps 7 – Access token 2 – Request context token 3 – Signed context token 6 – Access token request 8 – Request + access token 1 - Request 4 – Page + IFRAME 9 – SharePoint data 5 – Request page + include context token 10 – IFRAME contents
    58. 58. OAuth Flow ACS Server SharePoint Server Hosting Server Web Browser
    59. 59. ACS Server Hosting Server Web Browser SharePoint Server
    60. 60. ACS Server https://mySPSite.sharepo 1 Hosting Server Web Browser SharePoint Server 1) User browses to a SharePoint page with an app from a Cloud hosted app on it
    61. 61. ACS Server https://mySPSite.sharepo 2 1 Hosting Server Web Browser SharePoint Server 2) SharePoint asks ACS to create and sign a token which contains context information and an auth code
    62. 62. ACS Server https://mySPSite.sharepo 3 2 1 Hosting Server Web Browser SharePoint Server 3) ACS returns the signed context token
    63. 63. ACS Server https://mySPSite.sharepo Developer Site 3 2 1 4 Hosting Server Web Browser SharePoint Server POST https://hosting server/ … SPAppToken=tbAgAiOiJKV1 QiLCJhbGciOiJIUzI1NiJ9.e… 4) SharePoint renders the page including an IFRAME, which will POST the context token to the Cloud hosted app
    64. 64. ACS Server https://mySPSite.sharepo Developer Site 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 5) The IFRAME causes the browser to request a page from the Cloud hosted app including the context token
    65. 65. ACS Server https://mySPSite.sharepo Developer Site 6 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 6) Cloud hosted app validates the signature on the context token, extracts the auth code, and uses its credentials to request an access token from ACS
    66. 66. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 7) ACS returns an access token
    67. 67. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 Web Browser Hosting Server 5 SharePoint Server 8) Cloud-hosted app makes a web service request to SharePoint, passing the access token
    68. 68. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 9 Web Browser Hosting Server 5 SharePoint Server 9) SharePoint returns information to the Cloud hosted app
    69. 69. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 9 Web Browser Hosting Server 5 SharePoint Server Print Report Email Report Refresh 10) The Cloud hosted app renders the IFRAME contents 10
    70. 70. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    71. 71. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    72. 72. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    73. 73. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    74. 74. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    75. 75. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    76. 76. Monitoring and logging Monitoring in Central Admin • App usage/Error details • Timer Jobs Monitoring in Site Collections • App usage/Error details Logging Categories • App Management, App Monitoring, Azure Access Control, App Marketplace, Marketplace Web Service
    77. 77. Napa and Visual Studio • Napa is complementary to Visual Studio • Get started in Napa, continue in Visual Studio • Made it very easy to move to Visual Studio when you want to. For example: • • • • • Debugger Support for composing apps for Office & SharePoint Support additional deployment topologies (i.e. server code) ALM tools (SCC, Work Items, Profiler, etc.) Additional SharePoint items (BCS, Workflow, etc.)
    78. 78. Napa is an app for SharePoint JS CSS HTML ASPX App for Office
    79. 79. JSOM & REST (example) JavaScript object model var ctx = new SP.ClientContext("http://contosoappUID.spo.com/site/app"); ctx.load(ctx.get_web().get_title()); ctx.executeQueryAsync(); REST/OData http://contoso-appUID.spo.com/site/app/_api/web/Title _api/web/lists _api/web/lists/getByTitle('Documents') _api/social.feed/my/news _api/SP.UserProfiles.PeopleManager/getMyProperties() _api/search/query?Querytext='Marketing'
    80. 80. Agenda
    81. 81. Agenda
    82. 82. In SharePoint 2013… Improvement++
    83. 83. Take Away • Javascript / Jquery , CSOM & REST are getting important • Clientside (high trust) vs Serverside (full trust) • Recommended read: SP 2013 App development • Scott hillier & ted pattison
    84. 84. References • SPC Slide decks: • Understanding and Maintaining SharePoint Apps for IT Pros • • SharePoint hosted apps • • Chris Whitehead & Sam Hassani Yina Arenas Building Autohosted Apps for SharePoint 2013 • Richard diZerega Nathan Miller
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×