SHAREPOINT AND PROJECT CONFERENCE ADRIATICS ZAGREB, 11/28/2012
The SharePoint 2013 App Model
DRAGAN PANJKOV, PLANB.
why apps
types, basic concepts, development
distribution, upgrade, on-prem config
App
why apps?
4 questions for architects
• How will the users be using the solution?
• How will the solution be deployed into production and managed?
• What are the quality attribute requirements for the solution (security, performance, concurrency, localization, and configuration)?
• How can the solution be designed to be flexible and maintainable over time?
evolution of customizations in SharePoint
[Diagram labels: SP2007, SP2010, SP2013 (SharePoint W15); Custom Code; Declar. App & Workflow Events; CSOM; _vti_bin; _api; Services (Azure, IIS, Apache, Other, …)]
apps…
• …are not executed in SharePoint App pool
• …are in most of the cases not even running on SP Server
• …can have full trust, with user’s approval (OAuth)
• …can access SharePoint Data
• …can access outer world non-SharePoint Data
• …can use any external resources
• …can be executed in its own chrome, as app parts, or as SharePoint extensions
why apps
• Isolated (safe!)
• Multi-tenant
• Multiple development possibilities (even non-MS stack)
• Easier to deploy (no SharePointisms by deployment)
• Easier to maintain (lifecycle – versioning, upgrades)
• Manageable (Office Store, Corporate Catalog)
• Cloud ready!
USER PERSPECTIVE
App types, basic concepts, development
common app architecture
[Diagram labels: Browser and Other Devices (client-side code: HTML / CSS / JavaScript; Office JSOM; SharePoint JSOM); APP; Web Server (server-side code: any language); SharePoint (CSOM, REST); Autohosted (Windows Azure Web Sites, Workflow, SQL); Provider-hosted (Other, e.g. LAMP; IIS / ASP.NET; Cloud Services)]
sp app design - a choice of three approaches
SharePoint-hosted App
• Provision an isolated sub web on a parent web
• Reuse web elements (lists, files, out-of-box web parts)
• No server code allowed; use client JavaScript for logic, UX
[Diagram labels: Parent Web; App Web (from WSP)]
Cloud-based Apps
• Get remote events from SharePoint
• Use CSOM/REST + OAuth to work with SP
Azure Auto-Provisioned App
• Windows Azure + SQL Azure provisioned invisibly as apps are installed
[Diagram labels: SharePoint Web; Azure (from WebDeploy, DacPac)]
Developer-Hosted App
• “Bring your own server hosting infrastructure”
• Developers will need to isolate tenants
[Diagram labels: SharePoint Web; Your Hosted Site]
Comparing SharePoint Hosted vs. Cloud Hosted Apps
                   | SharePoint Hosted    | Cloud Hosted
App Scope          | SharePoint Site      | Site or Tenancy
Architecture       | Web Site             | Multi-Tenant App
Developer Skillset | SharePoint + HTML/JS | Full Stack
UI Technologies    | SharePoint + HTML/JS | Any Web Stack
Server Code        | None                 | Any
Storage            | Lists and Doc Libs   | Any
Key Limitations    | No Server Code       | Hosting Expertise Required
Choosing between Cloud-Hosted and SharePoint-Hosted.
Cloud Hosted Apps | SharePoint Hosted Apps
Preferred hosting model for almost all types of apps | Good for smaller apps & resource storage
Full power of web – choose your infrastructure & technology | SharePoint-based; no server-side code
May require your own hosting | Automatically hosted in SharePoint
May require your own handling of multitenancy & permission management | Inherent multitenancy & isolation
App Shapes for SharePoint
• Full page: Implement complete app experiences to satisfy business scenarios
• Parts: Create app parts that can interact with the SharePoint experience
• UI Command extensions: Add new commands to the ribbon and item menus
App identity
• Challenge with SPS2010
  • Farm solutions – too many privileges – risk of RunWithElevatedPrivileges
  • Sandbox solutions – no RunWithElevatedPrivileges – always under user context
• In SharePoint 2013 apps have their own identity and specific permissions
• Installing user either grants or denies permissions to host web
• Permission is explicitly given for a specific scope
• App identity is passed around using OAuth tokens
App rights
• Default rights: Read, Write, Manage and Full Control
• Not possible to customize
• Apps are granted permissions to a scope and all children of the scope
• Defined in declarative XML
App scopes
• SPSite – site collection
• SPWeb – site
• SPList
• Tenancy
• Other scopes (and rights) for performing search queries, accessing taxonomy data, user profiles, etc...
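Added example (not from the talk): a pre-install review of an app's declarative permission XML, flagging requests whose scope or right exceeds what a reviewer is prepared to grant. The manifest is constructed sample input; the Scope URIs and Right names are SharePoint's manifest values as recalled here rather than taken from the slides, and the ceiling (SPWeb / Write) is an assumed policy.

```javascript
// Constructed sample of the declarative permission XML from an app manifest.
const SAMPLE_MANIFEST = `
<AppPermissionRequests>
  <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Read" />
  <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="Manage" />
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
  <AppPermissionRequest Scope="http://sharepoint/search" Right="QueryAsUserIgnoreAppPrincipal" />
</AppPermissionRequests>`;

// Content scopes, narrowest to broadest. A grant covers the scope and all its children.
const SCOPE_LEVEL = new Map([
  ["http://sharepoint/content/sitecollection/web/list", 0], // SPList
  ["http://sharepoint/content/sitecollection/web", 1],      // SPWeb
  ["http://sharepoint/content/sitecollection", 2],          // SPSite
  ["http://sharepoint/content/tenant", 3],                  // Tenancy
]);
const RIGHT_LEVEL = new Map([["Read", 0], ["Write", 1], ["Manage", 2], ["FullControl", 3]]);

// Extract Scope/Right pairs from each <AppPermissionRequest .../> element.
function parsePermissionRequests(xml) {
  const requests = [];
  for (const el of xml.matchAll(/<AppPermissionRequest\b([^>]*)>/g)) {
    const attrs = {};
    for (const a of el[1].matchAll(/(\w+)\s*=\s*"([^"]*)"/g)) attrs[a[1]] = a[2];
    requests.push({ scope: attrs.Scope, right: attrs.Right });
  }
  return requests;
}

// Flag requests that exceed a reviewer-chosen ceiling (the defaults are assumptions).
function reviewRequests(requests, maxScope = "http://sharepoint/content/sitecollection/web", maxRight = "Write") {
  return requests.map((r) => {
    const findings = [];
    if (!SCOPE_LEVEL.has(r.scope) || !RIGHT_LEVEL.has(r.right)) {
      findings.push("non-content scope or unknown right: review manually");
    } else {
      if (SCOPE_LEVEL.get(r.scope) > SCOPE_LEVEL.get(maxScope)) findings.push("scope broader than ceiling");
      if (RIGHT_LEVEL.get(r.right) > RIGHT_LEVEL.get(maxRight)) findings.push("right above ceiling");
    }
    return { scope: r.scope, right: r.right, findings };
  });
}

const report = reviewRequests(parsePermissionRequests(SAMPLE_MANIFEST));
for (const r of report) console.log(r.right, r.scope, r.findings.join("; ") || "ok");
```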
sharepoint apps: authentication and trust
main SharePoint site: http://intranet.contoso.com
app1 SharePoint site: http://tenant-apphash1.contosoapps.com/sites/web/appguid
e.g. http://apps-87e90ada14c175.contosoapps.com/sites/web/014c9c59-5d9c-4a59-a5ce-2116a4c90296
Azure Access Control Service (ACS)
• ACS required with OAuth implementation in SharePoint 2013
• How is the ACS server configured as the authentication server?
  • Automatically done for sites in Office 365 Preview
  • On-premise farms, a trust to ACS must be configured. Possible to avoid when using Server-to-server (S2S) trust
SharePoint 2013 Remote API
[Diagram labels: Client (JavaScript Library, Silverlight Library, .Net CLR Library, Custom Client Code); CSOM; REST / OData / JSON; Server (_api)]
_api is new alias for _vti_bin/client.svc
REST URLs in SharePoint 2013
• CSOM URLs can go through _api folder
• Replace
  • http://sharepoint/_vti_bin/client.svc/web
• With
  • http://sharepoint/_api/web
• Example REST URLs targeting SharePoint sites
  • _api/web/lists
  • _api/web/lists/List1
  • _api/web/?$select=title,id
  • /_api/web/lists/getByTitle('Consultants')/Items
  • ....
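Added example (not from the talk): a small builder for the REST URL shapes listed above that rewrites the legacy client.svc path to _api and keeps an untrusted list title or field name from changing the structure of the request. The function names are hypothetical and the titles in the usage lines are constructed.

```javascript
// Rewrite a legacy _vti_bin/client.svc endpoint to the _api alias.
function toApiUrl(url) {
  return url.replace(/\/_vti_bin\/client\.svc(?=\/|\?|$)/i, "/_api");
}

// Only plain identifiers are accepted as $select field names.
const FIELD_NAME = /^[A-Za-z_][A-Za-z0-9_]*$/;

// Build <site>/_api/web/?$select=a,b and reject anything that is not a field name.
function webSelectUrl(siteUrl, fields) {
  for (const f of fields) {
    if (!FIELD_NAME.test(f)) throw new Error("invalid field name: " + f);
  }
  return siteUrl.replace(/\/+$/, "") + "/_api/web/?$select=" + fields.join(",");
}

// Build <site>/_api/web/lists/getByTitle('<title>')/Items for an untrusted title.
function listItemsUrl(siteUrl, listTitle) {
  // Inside an OData string literal a single quote is escaped by doubling it.
  const literal = String(listTitle).replace(/'/g, "''");
  // Percent-encode the rest so "/", "?", "&" and "#" cannot start a new URL part.
  return siteUrl.replace(/\/+$/, "") +
    "/_api/web/lists/getByTitle('" + encodeURIComponent(literal) + "')/Items";
}

console.log(toApiUrl("http://sharepoint/_vti_bin/client.svc/web"));
console.log(webSelectUrl("http://sharepoint", ["title", "id"]));
console.log(listItemsUrl("http://sharepoint/", "Consultants"));
console.log(listItemsUrl("http://sharepoint/", "x')/Items?$top=1#")); // constructed hostile title
```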
Provider Hosted – S2S
• High trust applications used on-premise
• Can assert any user’s identity
• Requires configuration to establish trust between SharePoint farm and S2S app
• Needs to be done for every S2S app
Configure S2S
• App Isolation is configured
• Disable App Principal check
• Generate Public/Private certificate pair
• Generate Client Id
• Set up Security Token Issuer
• Register App Principal
• Update Web.config and ensure user profiles exist
• http://www.binarywave.com/blogs/eshupps/Lists/Posts/Post.aspx?ID=267
APP DEVELOPMENT INTRO
azure autohosted apps
[Diagram labels: APP; REST, CSOM; SQL AZURE; SERVICES; DATA]
provider hosted apps
[Diagram labels: APP; REST, CSOM; DATABASES; SERVICES; DATA]
Autohosting is for team apps
• Team apps
• Resource tracking
• Team processes
• Event receivers
• Individual productivity
• Document assembly, etc.
[Chart labels: Autohosted apps; Provider-hosted apps; Number of users; Apps]
deployment, upgrade, configuration
From Developer to End User
[Diagram labels: Developer; Dev center submission; Office Store (integrated in Office and SharePoint; TRIAL / PURCHASE); Direct (Vendor / IT projects); SharePoint App Catalog; IT admin; End users; Marketplace]
apps upgrade process
[Diagram labels: New Version Available; 1.0.0.0, 1.0.1.0]
what to use and when?
Infrastructure configuration for SP Apps
1) Wild card DNS entry for app domain
2) Apps service application and subscription service created in environment hosting SP apps
3) SharePoint application for routing the incoming requests to app DNS entry
4) App catalog created for SharePoint applications to enable end users to utilize apps
[Diagram labels: SharePoint farm; http://*.apps; 192.168.x.x]
DNS configuration on-premises
• Define wildcard DNS entry for apps
  • *.apps.contoso.com or something similar
• Configure app address in SP side using Central Admin or PowerShell
  • One address per farm
App configuration for on-premises farm
• Ensure that App service application and subscription service are created and running in farm
  • Subscription service is used to provide unique Site Collection ID for App URLs
• Apps will be hosted on own domain, within their own frame
  • Leverages web browser same-origin policy for script isolation
• URL naming – each app has unique URL – one app = one URL
  • http://default-appUID.apps.contoso.com
  • appUID – combination of site collection ID and particular SPWeb where app is installed
main SharePoint site: http://sp/sites/web
app1 SharePoint site: http://tenant-apphash1.contosoapps.com/sites/web/appguid
e.g. http://apps-87e90ada14c175.contosoapps.com/sites/web/014c9c59-5d9c-4a59-a5ce-2116a4c90296
get app to site collection
• All site content provides functionality to add apps
• Both market place and corporate catalog visible from single place
• Users can add Apps to be available
• Apps can request permissions, depending on implementation
resources
• dev.office.com
• blogs.msdn.com/b/officeapps
• blog.tedpattison.net
• http://www.andrewconnell.com/blog/archive/2012/10/02/fully-scripted-solution-for-creating-and-registering-self-signed-certs.aspx
• http://www.binarywave.com/blogs/eshupps/Lists/Posts/Post.aspx?ID=267
questions?
WWW.DRAGAN-PANJKOV.COM
@PANJKOV
thank you.