(Almost) All About Apps for SharePoint 2013


Published on

This slide deck is presented on Microsoft TechNet Day 2012, organized in Bosnia and Herzegovina. Main goal of this presentation is to introduce new SharePoint Apps to end users, developers and administrators.

Published in: Technology
1 Comment
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

(Almost) All About Apps for SharePoint 2013

  2. 2. about me• Dragan Panjkov • Working with SharePoint since 2007 • www.dragan-panjkov.com • www.twitter.com/panjkov • BAM Converter – available on Marketplace and CodePlex• PlanB. d.o.o. • www.planb.ba• SharePoint user group • www.1sug.com
  3. 3. apps basicstypes, basic concepts, developmentdistribution, upgrade, on-prem config
  4. 4. apps?
  5. 5. introducing apps• In SharePoint 2013 everything is an app …• In strict sense: “Apps are self-contained pieces of functionality that extend the capabilities of a SharePoint site.”
  6. 6. why apps• Isolated (safe!)• Multi-tenant• Multiple development possibilities (even non-MS stack)• Easier to deploy (no SharePointisms by deployment)• Easier to maintain (lifecycle – versioning, upgrades)• Manageable (Office Store, Corporate Catalog)• Cloud ready!
  7. 7. get app to site collection• All site content provides functionality to add apps• Both Office Store and corporate catalog visible from single place• Users can add Apps to be available• Apps can request permissions, depending on implementation
  9. 9. app types, basic concepts, development
  10. 10. what is an app?• Web application registered with SharePoint, configured using XML (app.manifest)<?xml version="1.0" encoding="utf-8" ?><!--Created:cb85b80c-f585-40ff-8bfc-12ff4d0e34a9--><App xmlns="http://schemas.microsoft.com/sharepoint/2012/app/manifest" Name="SharePointAppSPCADemo" ProductID="{9b33c5b6-bc7c-4905-8b02-e2e24f404fea}" Version="" SharePointMinVersion=""> <Properties> <Title>SharePointApp SPCA Demo</Title> <StartPage>~appWebUrl/Pages/Default.aspx?{StandardTokens}</StartPage> </Properties> <AppPrincipal> <Internal /> </AppPrincipal> <AppPermissionRequests> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read" /> <AppPermissionRequest Scope="http://sharepoint/search" Right="QueryAsUserIgnoreAppPrincipal" /> </AppPermissionRequests></App>
  11. 11. sp app design - a choice of three approaches Developer-Hosted App SharePoint “Bring your own server hosting infrastructure” Your Hosted SiteCloud-based Apps Web Developers will need to isolate tenantsGet remote events fromSharePointUse CSOM/REST + Azure Auto-Provisioned AppOAuth to work with SP Azure Windows Azure + SQL Azure provisioned SharePoint Web (from WebDeploy, invisibly as apps are installed DacPac) SharePoint-hosted App Parent Provision an isolated sub web on a parent Web web • Reuse web elements App Web (lists, files, out-of-box web parts) • No server code allowed; use client (from WSP) JavaScript for logic, UX animated
  12. 12. when to use cloud-hosted apps?Cloud Hosted Apps SharePoint Hosted AppsPreferred hosting model for almost all Good for smaller apps & resource storagetypes of appsFull power of web – choose your SharePoint-based; no server-side codeinfrastructure & technologyMay require your own hosting Automatically hosted in SharePointMay require you own handling of Inherent multitenancy & isolationmultitenancy & permission management
  13. 13. technology comparison SharePoint Hosted Cloud HostedApp Scope SharePoint Site Site or TenancyArchitecture Web Site Multi-Tenant AppDeveloper Skillset SharePoint + HTML/JS Full StackUI Technologies SharePoint + HTML/JS Any Web StackServer Code None AnyStorage Lists and Doc Libs AnyKey Limitations No Server Code Hosting Expertise Required
  14. 14. common app architecture APP CSOM CSOM REST
  15. 15. use cases for autohosted apps• Team apps• Resource tracking• Team processes• Event receivers• Individual productivity• Document assembly, etc.
  16. 16. user experience integration Full page Implement complete app experiences to satisfy business scenarios Parts Create app parts that can interact with the SharePoint experience UI Command extensions Add new commands to the ribbon and item menus
  17. 17. developing apps
  19. 19. app identity• Challenge with SPS2010 • Farm solutions – too much privileges - risk of RunWithElevatedPrivileges • Sandbox solutions – no RunWithElevatedPrivileges – always under user context• In SharePoint 2013 apps have their own identity and specific permissions • Installing user either grants or denies permissions to host web • Permission is explicitly given for a specific scope • App identity is passed around using oAuth tokens
  20. 20. app permissions• Default rights : Read, Write, Manage and Full Control• Not possible to customize• Apps are granted permissions to a scope and all children of the scope• Defined in declarative XML
  21. 21. app scopes• SPSite – site collection• SPWeb – site• SPList• Tenancy• Other scopes (and rights) for performing search queries, accessing taxonomy data, user profiles, etc...
  22. 22. sharepoint apps: establishing trust
  23. 23. azure access control service (ACS)• ACS is used as authorization server• required with oAuth implementation in SharePoint 2013• How is the ACS server configured? • Automatically done for sites in Office 365 Preview • On-premise farms, a trust to ACS must be configured. • Possible to avoid when using Server-to-server (S2S) trust
  24. 24. sharepoint 2013 remote api _api is new alias for _vti_bin/client.svc Server Client REST CSOM OData JSON JavaScript Silverlight .Net CLR Library Library Library Custom Client Code
  25. 25. deployment, upgrade, configuration
  26. 26. from developer to end user Office and SharePoint Dev center Integrated Office Store TRIAL/ submission PURCHASE Office Store End users TRIAL/ PURCHASEDeveloper Vendor/ SharePoint Direct IT projects App Catalog IT admin
  27. 27. apps upgrade process animated
  28. 28. Infrastructure configuration for SP Apps1) Wild card DNS entry for app domain2) Apps service application and subscription service created in environment hosting SP apps3) SharePoint application for routing the incoming requests to app DNS entry4) App catalog created for SharePoint applications to enable end users to utilize apps SharePoint farm http://*.apps 192.168.x.x
  29. 29. dns configuration on-premises• Define wildcard DNS entry for apps • *.apps.contoso.com or something similar• Configure app address in SP side using Central Admin or PowerShell • One address per farm
  30. 30. app configuration for on-premises farm • Ensure that App service application and subscription service are created and running in farm • Subscription service is used to provide unique Site Collection ID for App Urlsmain SharePoint site app1 SharePoint site tenant- http://sp/sites/web http:// /sites/web/appguid apphash1.contosoapps.com http://apps-87e90ada14c175.contosoapps.com/sites/web/014c9c59-5d9c-4a59-a5ce-2116a4c90296 • Apps will be hosted on own domain, within their own frame • Leverages web browser same-origin policy for script isolation • URL naming – each app has unique URL – one app – one = URL • http://default-appUID.apps.contoso.com • appUID – combination of site collection ID and particular SPWeb where app is installed
  31. 31. apps…• …are not executed in SharePoint App pool• …are in most of the cases not even running on SP Server• …can have full trust, with user’s approval (OAuth)• …can access SharePoint Data• …can access outer world non-SharePoint Data• …can use any external resources• …can be executed in it’s own chrome, as app parts, or as SharePoint extensions
  32. 32. resources• dev.office.com• blogs.msdn.com/b/officeapps• blog.tedpattison.net• http://www.andrewconnell.com/blog/archive/2012/10/02/fully- scripted-solution-for-creating-and-registering-self-signed- certs.aspx• http://www.binarywave.com/blogs/eshupps/Lists/Posts/Post.aspx? ID=267
  34. 34. thank you.
  35. 35. Provider Hosted – S2S• High trust applications used on-premise• Can assert any user’s identity• Requires configuration to establish trust between SharePoint farm and S2S app• Needs to be done for every S2S app
  36. 36. Configure S2S• App Isolation is configured• Disable App Principal check• Generate Public/Private certificate pair• Generate Client Id• Set up Security Token Issuer• Register App Principal• Update Web.config and ensure user profiles exist• http://www.binarywave.com/blogs/eshupps/Lists/Posts/Post.aspx? ID=267