Designing for SharePoint Provider Hosted Apps

Download Designing for SharePoint Provider Hosted Apps

Post on 16-Apr-2017

358 views

Category:

Technology

0 download

Embed Size (px)

TRANSCRIPT

<p>Build BestBuy.com in 60 minutes</p> <p>Roy KimJuly 12, 2014Designing for SharePoint Provider Hosted Apps On-premise</p> <p>Key TopicsTraditional On Premises Design</p> <p>Provider Hosted App DesignUsage ScenariosApplication Development</p> <p>AgendaTypical On Premises DesignProvider Hosted App Value PropositionsProvider Hosted App SolutionsProvider Hosted App ArchitectureApplication LayersSecurity AspectsSolution Packaging OptionsQ&amp;A</p> <p>UIChrome controlBusiness logicJavaScriptC#/VBRemote Event ReceiverSP data accessREST API.NET CSOMJSOMCustom Data storeSecuritySP App AuthenticationRemote app authentication</p> <p>Typical On Premises App Design</p> <p>Full Trust solutionsASP .NET web formsSandbox solution has its limitationsProduct Upgrade challengesStore relational data in lists</p> <p>Build customizations off of SharePoint Server</p> <p>SharePoint</p> <p>Remote ApplicationCustomizationsBuild on different platformsHigh workloadsSharePoint is more robustSharePoint is upgradableTypical On Premises App DesignMore scalableCloud Ready</p> <p>Consists of both an app for SharePoint that is deployed directly to a SharePoint 2013 site; and a separately deployed web application.Can have its own SQL databaseNo automatic list or library provisioning in the SP host web.Remote app Manifested for use in a SharePoint siteProvider Hosted App Overview</p> <p>Only App Web</p> <p>Hosted in its own web serverBrowser</p> <p>Provider hosted App Architecture</p> <p>Data StoreLists and LibrariesBusiness LayerData Access LayerPresentation LayerBrowser</p> <p>Business LayerData Access LayerPresentation LayerServer Side Approach (e.g ASP .NET)Client Side Approach (HTML, css, JavaScript)</p> <p>SharePoint vs Remote Application</p> <p>User profiles and socialContent and collaborationList based data structuresSharePoint</p> <p>Highly transactionalRelational data structuresHigh workloadHigh capacityRemote ApplicationComparison by Design</p> <p>SharePoint vs Remote Application</p> <p>Team SitesPortalContent ManagementSharePoint</p> <p>CRMSupply ChainEcommerceHuman ResourcesRemote ApplicationComplimentary Solution Examples</p> <p>Provider hosted App Architecture</p> <p>SQL ServerBrowser</p> <p>App PartsFull Immersive Chrome ControlJquery, Angular, BootstrapEntity FrameworkCSOM, RESTWCF.NET, Java, PHP</p> <p>Site column and Content typesLists &amp; LibrariesMaster Pages Web PartsCustom Web ServicesAPIsThemes and stylesRemote AppApp Part, Full Immersive Page (Chrome Control), UI custom actionApplication Layer Breakdown</p> <p>PresentationRenderingUI WidgetsControlsUI LogicClient API librariesHTML 5 / CSSBootstrapJQuery UIModernizrAngularJSKnockoutJSBackboneSharePoint REST APISharePoint JSOMSP Cross domain library</p> <p>BrowserIE, Chrome, FirefoxSafariClient Side Application Design</p> <p>Evaluate and ConsiderationsPerformanceCan we achieve adequate page loadBrowser same origin policyTo what extent we want to make http calls to other APIs in a different domain?iFrame limitations and impact JavaScript objects in isolation to parent window object.As a result, DOM objects can not be referenced across frames (via JS) user interface runs in isolation in iFrame.JSONP Browser supportCan we support all Deloitte browser standards? IE8 partial HTML5Ray follow up with IE upgrade to IE9/HTML5Do we care to support browsers for mobile? FLUID layout, device independence, BB HTML5 is trickymyDeloitte is wider platform + BYODWork out compatiblity list safari, chrome, Android is not supported by firmLeverage modernizr helps support IE8Feature detection, do polyfillsJavaScript/html development is generally much more time consuming than ASP.NET web forms development?Server Side code via ASP .NET web formsDo we see apps being built as web forms (e.g. c#)? Legacy appsDefine a standard for creating apps more with SPA styleIn client web part (iframe), explore limitations and impact with isolation between parent window and iframe window.13</p> <p>Expose Remote App in SharePoint SiteHave app do something to the SP itemDisplay and interact with App along side SP dataTake over experience with App with SP behind the scenes</p> <p>Which one do we care to support?Case by case</p> <p>Identify usability experience of each.</p> <p>How to portray a legacy app?How do we put a windows 8 app?App Catalog legacy app (iframe?), win8 app?</p> <p>14</p> <p>UI Custom Action</p> <p>Expose Remote App in SharePoint Site</p> <p>Application Programming InterfacesBrowser</p> <p>SharePointRESTWebServer</p> <p>JSOMREST.NETCSOMAPI</p> <p>Data Access Layer Service Interaction(AJAX)</p> <p>ServerObject ModelRemote App</p> <p>Sharepoint APIs</p> <p>SharePoint APIs</p> <p>How do we get data from another app?</p> <p>SharePoints JavaScript cross domain libraryS2S via web proxy</p> <p>teamsites.comapp-123.apps.com</p> <p>S2S JavaScript cross domain library</p> <p>Browser level security - Same origin policy</p> <p>Prerequisites for packaging and publishing high-trust appshttp://msdn.microsoft.com/en-us/library/jj860570.aspx</p> <p>Server to Server App authorization</p> <p>CertificatesA high-trust app is a provider-hosted app for SharePoint for use on-premises, which uses the server-to-server protocol.A high-trust app must still request app permissions.A high-trust app uses a certificate instead of a context token to establish trust.Not OAuthhttp://msdn.microsoft.com/en-us/library/fp179901.aspxConsider certificate management on expiry</p> <p>OAuthAccess Control Services can be leveraged for in the cloudIs there ACS on premise yet? (I dont think so) or any OAuth server for download and useWhat is the advantage over certificates?</p> <p>18</p> <p>S2S Security</p> <p>Server-To-Server SecurityReference:http://blogs.msdn.com/b/scicoria/archive/2013/05/03/using-s2s-for-on-premises-access-with-forms-based-access-fba-in-sharepoint-2013.aspx</p> <p>App PermissionsApp Only</p> <p>App + User</p> <p>User</p> <p>SharePoint Deployment ArtifactsSolution Packaging</p> <p>Deploying Branding Solutions for SharePoint 2010 Sites using Sandboxed Solutions http://msdn.microsoft.com/en-us/library/gg447066(v=office.14).aspx</p> <p>Deploying modules require associating them manually or programmatically through a feature event receiver. For example, MasterUrl and CustomMasterUrl and AlternateCssUrl</p> <p>StructureWeb TemplateSite Column and Content TypesLists and LibrariesGroups and permissionsBrandingMasterpageCSS, images, JSPagesFunctionalWebPartsApplication pagesUser controlsEvent receiversWorkflowsProvisioning logic</p> <p>21</p> <p>Farm solutions vs. No code solutions vs. App</p> <p>Farm SolutionNo Code/ Declarative SolutionSharePointAppAdministration servicesPlatform servicesEnd-user solutionsMake it an app where possibleSolution Packaging</p> <p>No Code/ Declarative SolutionSharePointAppFarm Solution</p> <p>Solution Packaging</p> <p>Deploying Branding Solutions for SharePoint 2010 Sites using Sandboxed Solutions http://msdn.microsoft.com/en-us/library/gg447066(v=office.14).aspx</p> <p>Deploying modules require associating them manually or programmatically through a feature event receiver. For example, MasterUrl and CustomMasterUrl and AlternateCssUrl</p> <p>StructureWeb TemplateSite Column and Content TypesLists and LibrariesGroups and permissionsBrandingMasterpageCSS, images, JSPagesFunctionalWebPartsApplication pagesUser controlsEvent receiversWorkflowsProvisioning logic</p> <p>23</p> <p>Q&amp;A</p> <p>Thanks to our sponsors!</p> <p>Connect. Collaborate. Share.</p> <p>Toronto SharePoint Users Grouphttp://www.meetup.com/TorontoSPUG/</p> <p>Toronto SharePoint Business Users Grouphttp://www.meetup.com/TSPBUG/</p> <p>SharePoint Saturday Torontohttp://spbuzz.it/spstoyam </p> <p>SharePintDrake and Firkin aka The Drake6982 Financial Drive, Unit B101</p> <p>Dont Miss the PrizesXbox One with KinectYour favorite SharePoint booksTraining vouchersOffice 365 Swag (tweet #ShareSelfie #spstoronto to win)Vendor gifts and raffle</p> <p>Security</p> <p>Options for accessing SharePoint data from your remote app or inbound scenariosOptions for accessing data on your remote app from SharePoint or outbound scenarios</p> <p>From ServerFrom Browser</p> <p>Data access options for apps in SharePoint 2013http://msdn.microsoft.com/en-us/library/fp179897.aspx29</p>

Recommended

View more >