Intro apps

995 views

Published on

Biwug slideDesk first session 26/11/2013
This session is about an intro into the Apps model. There is much more to think about than just select what kind of type of app that you want to create.

Published in: Technology, Design
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
995
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
30
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • If you have slides that you want to share => let us know!
  • 101 likes = we made it
  • Twitter
  • In the sessions tonight, we will introduce a new voting system.
  • We required a voting system inline with the trend that impact the way we work.
  • The requirements: mobile, easy, and hybrid.>Investment:32.000€ (average of 400€ per participant of this session)
  • Thanks to all our sponsors - namely “you” - we’ve managed to pull it off!Thevoting procedure is quite simple: 3 steps.> The unstructured results will be published on Twitter.
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”<Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.>
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”<Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.>
  • No subwebbut isolated domainAzure / Provider hosted is different url , this is for SP hosted appsIsolation = same origin policy = JS cannot execute outside of the domain it’s running in. other domain = browser will throw access denied error Javascript can only execute within the app web App prefix = can be changed but only 1 Host web =
  • Service principle names for Kerberos need to be configured, this needs to be done per app webNtml is used in steadSAML – requirement , Identity provider must support wildcard return url registration. ADFS 2.0 doesn’t support thisMultiple urls needed? Host header site collections , uses only the default zone
  • ECT = external content types
  • In order to test the new system, we will perform a baseline vote…Our baseline question: “Are you ready?”<Andy gebruikdeze slide voor je vragen. Ikzounietmeerals 3 vragenstellen in je sessie.>
  • Provider hosted – ACS – an O365 subscription is needed to use Azure to broker the request
  • STS = sign token service
  • Intro apps

    1. 1. Intro Apps
    2. 2. News joris.poelmans@biwug.be
    3. 3. About me
    4. 4. Voting System Apps, what is the difference... a story > Speaker: Andy Van Steenbergen The Consumerization of the Intranet… > Speaker: Peter van Hees
    5. 5. Trends impacting the way we work i 1 billion For the first time in modern history, workplace demographics now span 50% smartphones, 4 years ahead of predictions 3 of enterprise customers are “on the road” to cloud generations
    6. 6. Requirements i Mobile An intuitive service that doesn’t require extensive training or adoption. A solution designed with a mobile first mindset. Easy Hybri d A solution with a physical on premise component combined with a cloud service.
    7. 7. Voting steps Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the presenter. 3 * The unstructured results will be posted tonight on Twitter.
    8. 8. BaseLine: Are you ready? Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    9. 9. Agenda
    10. 10. Agenda
    11. 11. Agenda
    12. 12. Agenda
    13. 13. Question: App Shapes (screen or noscreen) Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    14. 14. App UI components
    15. 15. App UI components
    16. 16. App UI components
    17. 17. App UI components
    18. 18. App UI components
    19. 19. App UI components
    20. 20. Client APIs Server APIs SharePoint & Exchange Office Client Server 3rd Party Services Browser Host APP Web Server Host Other Devices & Clients Common App Architecture
    21. 21. The isolated domain http://intranet.contoso.com/sites/Biwug /Poll http://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/Poll App prefix (tenant) App domain App ID App name Host web
    22. 22. Infrastructure configuration Determine App domain • http://app-bdf2016ea7dacb.contosoapps.com/sites/SPC/Scheduler Configure domain names in DNS • http://app-bdf2016ea7dacb.contosoapps.com/sites/SPC/Scheduler • *.contosoapps.com (wildcard is preferred) Create a new wildcard SSL certificate (access token is transmitted in plaintext)
    23. 23. SharePoint farm configuration Service applications SharePoint App settings • Subscription Settings • App Management • • • • App URLs (App prefix and App domain) App Catalog Store Settings App Denied endpoints
    24. 24. Additional Considerations (on prem) Apps do not support Kerberos (ntml instead) Special requirements for SAML authentication Apps do not support multiple zones A routing Web application may be needed
    25. 25. Routing Web application https://app-bdf2016ea7dacb.contosoapps.com/sites/Biwug/Poll NLB 192.168.1.2 *.contosoapps.com = 192.168.1.2 DNS Farm
    26. 26. The new cloud app model Build a new class of apps that extend and personalize the way we create and consume information right from within Office and SharePoint New Apps A new class of apps enabling new scenarios and new user experiences Familiar Toolsets Embracing Web standards to provide developers choice and flexibility Flexible Lifecycle Deploy and maintain your apps publically on the new Office Store, or internally with Flexibility and control
    27. 27. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    28. 28. Agenda
    29. 29. Agenda
    30. 30. Anatomy of a SharePoint Hosted app Manifest Code JS CSS HTML ASPX
    31. 31. Reasons to use SharePoint hosted apps SYMMETRIC IN OFFICE 365 AND ON-PREM AUTHENTICATION IS AUTOMATIC INHERENT MULTI-TENANCY & ISOLATION NO ADDITIONAL COST NO NEED FOR ADDITIONAL INFRASTRUCTURE
    32. 32. SharePoint component isolation 1 app installation = 1 “app web” App webs are isolated in their own domain: Host https://contoso.sharepoint.com/site web / App web https://contosoappUID.sharepoint.com/site/app/ Leverages web browser same-origin policy for script isolation
    33. 33. Available app web components • Lists • Libraries • WebProxy • App scoped BDC models • App scoped ECTs • JavaScript • Workflows • Custom Actions • Declarative Pages • CSS files • Custom Actions • OOB Web Parts
    34. 34. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    35. 35. Anatomy of a Provider Hosted app Manifest
    36. 36. App Hosting SharePoint Web Your Hosted Site SharePoint Web Azure Host web App Web (from WSP) Client side technologies and declarative workflows
    37. 37. Anatomy of an Autohosted app Manifest Artifacts SharePoint Pages App Web Pages
    38. 38. App Lifecycle (autohosted) Tenant A Tenant B
    39. 39. App Lifecycle (Provider)
    40. 40. From Developer to End User Office and SharePoint Dev center submission Office Store TRIAL/ PURCHASE Integrated Office Store TRIAL/ PURCHASE Developer Direct SharePoint App Catalog Vendor/ IT projects IT admin End users
    41. 41. Recap: Anatomy of an app for SharePoint Manifest Code App Content SharePoint Hosted
    42. 42. SharePoint Hosted Package
    43. 43. Recap: Anatomy of an app for SharePoint Manifest Artifacts SharePoint Pages App Web Pages
    44. 44. Provider-Hosted Package
    45. 45. Recap: Anatomy of an app for SharePoint Manifest Artifacts SharePoint Pages Auto-Hosted App Web Pages
    46. 46. Auto Hosted Package
    47. 47. Granting SharePoint App Permissions Permissions are granted when an App for SharePoint is installed on a SharePoint server. App permission name SharePoint permission name Read Reader Write Contributor Manage Designer FullControl Full Control All or nothing
    48. 48. App permissions App permission request scopes • • • • • • • • Tenancy SPSite SPWeb SPList BCS Search Workflow Taxonomy App permission rights • • • • Read Write Manage Full control App authorization policies • User and app policy • App-only policy • User-only policy
    49. 49. App Authorization Policy flow
    50. 50. Full security list • SharePoint (full control) • • • • Site collection Website List tenancy • Other SP Features • BCS (read) • Search (QueryAsUserIgnoreAppPrinciple) • Taxonomy (R/W) • Other SP Features – Social (full control) • Tenant • Core • MicroFeed • Project (full control) • • • • • • • Project server (manage) Projects (R/W) Project (R/W) EnterpriseResources (R/W) Statusing (submitstatus) Reporting (R) Workflow (elevate)
    51. 51. Question <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Manage" />
    52. 52. Question: App Shapes (screen or noscreen) Take your mobile phone out of your pockets. 1 Turn the screen of you mobile phone on. 2 Face the screen towards the Presenter. 3
    53. 53. Answer <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Manage" > <!-- add filter property to permission request --> <Property Name="BaseTemplateId" Value="101" /> </AppPermissionRequest>
    54. 54. Configure Apps authentication trust Autohosted Apps ACS Provider-hosted Apps ACS S2S Trust
    55. 55. OAuth enables users to approve an application to act on their behalf without sharing their user name and password.
    56. 56. Understanding where Oauth fits • Oauth is primarily used for external app authentication in the Office 365 environment. • Server2Server authentication is used for external app authentication in on-premises farms.
    57. 57. OAuth for cloud-hosted Apps 7 – Access token 2 – Request context token 3 – Signed context token 6 – Access token request 8 – Request + access token 1 - Request 4 – Page + IFRAME 9 – SharePoint data 5 – Request page + include context token 10 – IFRAME contents
    58. 58. OAuth Flow ACS Server SharePoint Server Hosting Server Web Browser
    59. 59. ACS Server Hosting Server Web Browser SharePoint Server
    60. 60. ACS Server https://mySPSite.sharepo 1 Hosting Server Web Browser SharePoint Server 1) User browses to a SharePoint page with an app from a Cloud hosted app on it
    61. 61. ACS Server https://mySPSite.sharepo 2 1 Hosting Server Web Browser SharePoint Server 2) SharePoint asks ACS to create and sign a token which contains context information and an auth code
    62. 62. ACS Server https://mySPSite.sharepo 3 2 1 Hosting Server Web Browser SharePoint Server 3) ACS returns the signed context token
    63. 63. ACS Server https://mySPSite.sharepo Developer Site 3 2 1 4 Hosting Server Web Browser SharePoint Server POST https://hosting server/ … SPAppToken=tbAgAiOiJKV1 QiLCJhbGciOiJIUzI1NiJ9.e… 4) SharePoint renders the page including an IFRAME, which will POST the context token to the Cloud hosted app
    64. 64. ACS Server https://mySPSite.sharepo Developer Site 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 5) The IFRAME causes the browser to request a page from the Cloud hosted app including the context token
    65. 65. ACS Server https://mySPSite.sharepo Developer Site 6 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 6) Cloud hosted app validates the signature on the context token, extracts the auth code, and uses its credentials to request an access token from ACS
    66. 66. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 4 Hosting Server Web Browser 5 SharePoint Server 7) ACS returns an access token
    67. 67. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 Web Browser Hosting Server 5 SharePoint Server 8) Cloud-hosted app makes a web service request to SharePoint, passing the access token
    68. 68. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 9 Web Browser Hosting Server 5 SharePoint Server 9) SharePoint returns information to the Cloud hosted app
    69. 69. ACS Server https://mySPSite.sharepo Developer Site 7 6 3 2 1 8 4 9 Web Browser Hosting Server 5 SharePoint Server Print Report Email Report Refresh 10) The Cloud hosted app renders the IFRAME contents 10
    70. 70. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    71. 71. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    72. 72. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    73. 73. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    74. 74. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    75. 75. App lifecycle management Installing an App Manage licensing Upgrading an App Backup and restore Uninstalling an App
    76. 76. Monitoring and logging Monitoring in Central Admin • App usage/Error details • Timer Jobs Monitoring in Site Collections • App usage/Error details Logging Categories • App Management, App Monitoring, Azure Access Control, App Marketplace, Marketplace Web Service
    77. 77. Napa and Visual Studio • Napa is complementary to Visual Studio • Get started in Napa, continue in Visual Studio • Made it very easy to move to Visual Studio when you want to. For example: • • • • • Debugger Support for composing apps for Office & SharePoint Support additional deployment topologies (i.e. server code) ALM tools (SCC, Work Items, Profiler, etc.) Additional SharePoint items (BCS, Workflow, etc.)
    78. 78. Napa is an app for SharePoint JS CSS HTML ASPX App for Office
    79. 79. JSOM & REST (example) JavaScript object model var ctx = new SP.ClientContext("http://contosoappUID.spo.com/site/app"); ctx.load(ctx.get_web().get_title()); ctx.executeQueryAsync(); REST/OData http://contoso-appUID.spo.com/site/app/_api/web/Title _api/web/lists _api/web/lists/getByTitle('Documents') _api/social.feed/my/news _api/SP.UserProfiles.PeopleManager/getMyProperties() _api/search/query?Querytext='Marketing'
    80. 80. Agenda
    81. 81. Agenda
    82. 82. In SharePoint 2013… Improvement++
    83. 83. Take Away • Javascript / Jquery , CSOM & REST are getting important • Clientside (high trust) vs Serverside (full trust) • Recommended read: SP 2013 App development • Scott hillier & ted pattison
    84. 84. References • SPC Slide decks: • Understanding and Maintaining SharePoint Apps for IT Pros • • SharePoint hosted apps • • Chris Whitehead & Sam Hassani Yina Arenas Building Autohosted Apps for SharePoint 2013 • Richard diZerega Nathan Miller

    ×