jim wilt chief software architect metrics reporting, inc. arc402
TRANSCRIPT
A SharePoint Pattern Language
Jim WiltChief Software ArchitectMetrics Reporting, Inc. ARC402
ObjectivesAnswer the question, “What is an architectural pattern and pattern language?”
Define a SharePoint specific pattern language in support of repeatable solutions
Demonstrate how a SharePoint pattern language is actionable
Objectives (special)
Your feedback on:Q1: Does this special type of pattern language add value to your solution design efforts?
Q2: Who do you say the target audience of this material should be?
(please write answers to these special objectives in the comments section of your evaluation)
Why Single Out SharePoint?
Because it is a premier platform for web applications both in the enterprise and in the cloud!
What? Need Proof?
It’s already happening…
Why Patterns?
“Each pattern describes a problem which occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over and over, without ever doing it the same way twice”
-- Christopher Alexander
For example, an Arch
A Universal Pattern LanguageYou might also like…
All good, but all require time to digest
So, why a SharePoint pattern language?
( why not use an existing pattern language? )
Other Universal Languages
Music
Math
Code
1 + 2 = 3
Universal Languages are often Specific
Music
Math
Code
1 + 2 = 3
A SharePoint pattern language does make sense!
Hasn’t P&P already done this?Yes, and it’s great… You might also like…
Also all good, but all focus on execution
Gang-of-Four and P&P each effectively addresses specific audiences…
Theoretical Applied
…but are at opposite ends of the spectrum
A SharePoint pattern language can bridge the gap
Best Architecture
Best Implementation
It pulls from the best standard patterns and pushes to the best implementation patterns
Best Solution Design
A SharePoint pattern language can bridge the gap
Adding field experience will further enhance the patterns
Experience
Best Architecture
Best Implementation
Best Solution Design
Defining a Pattern Language
“Each pattern is a three-part rule which expresses a relation between a certain context, a problem, and a solution.”
-- Christopher Alexander
Pattern languages are composed of 4 elements:
The pattern name is a handle used to describe the problem
The problem describes when to apply the pattern
The solution describes the elements that make up the design and their relationships
The consequences are the results and trade-offs when applying the pattern
SharePoint Additions
The Solution Scope dimension
The Implementation Approach dimension
SharePoint Platform
Solution Scope Dimension
Micro-feature: Single web part, field, content type, etc.
Contained application: Centralized, single instance
Organic Application: Templates, reusable features, configurability.
Solution Scope DimensionMicro feature
Very specific component or other feature asset that can be used in a SharePoint solutionExamples:
Accessible text editing web partWorkflow activity that connect to your application’s services
Contained applicationA full featured application that uses SharePoint capabilities to solve a set of needs in a centralized wayExamples:
HR systemPublic web presence
Organic applicationThe combination of a full feature set that a business can use as foundation for creating additional applications Examples:
Project management Collaboration centersGenerally, only one solution scope dimension applies
Implementation Approach Dimension
•Search scopes•Site structure•BDC configuration•List structuring•Native web part configurations
•CSS & chrome•Master page layout and customization•Workflow composition•Meta-data and document types•List definitions and form customization
•Custom web parts•Site and list template creation and packaging•Feature packaging•Custom workflow activities•Event receivers
No code
SharePoint Designer
Visual Studio
One to many implementation approaches may apply
A note on Solution Complexity & CostM
icro
Featu
reC
onta
ined
App
Org
an
ic A
pp
Feat
ures
Architecture & Development
Deployment, M
anagement, Gove
rnance, S
upport
SharePoint DesignerNo Code Visual Studio
Hosted/Cloud Friendly
Local/Enterprise
Hosted
Less Costly
$
More Costly$$$$$
The approach…
A SharePoint Pattern Language
SharePoint Pattern Language Sections
Pattern NameIntentDesign ScenarioStructure/ConceptConsequences & Trade-OffsScope ConsiderationsRelated Patterns & Anti-PatternsReference Links
Pattern Name
“It's not about elitism--it's about efficiency. It's not about impressing others--it's about a shared understanding of specific concepts. It's about being able to talk about ideas or processes or even parts with fewer words and (potentially) greater meaning.“
--Kathy Sierra
Intent
What does the design pattern do?
What is its rationale and intent?
What particular design issue or problem does it address?
Design Scenario
A scenario that illustrates a design problem and how the pattern solves the problem
The scenario helps clarify the more abstract description of the pattern that follows
Structure/Concept
A representation of the components in the pattern
Can be anything from logical diagrams to mock-up screens
Consequences & Trade-Offs
How does the pattern support its objectives?
What are the trade-offs and results of using the pattern?
Scope Considerations
Micro-featureContained ApplicationOrganic Application
Generally, only one of these applies
Implementation Considerations
No CodeSharePoint DesignerVisual Studio
One or more of these may apply and they are then rated as:
Less recommendedRecommendedBest choice
Related Patterns & Anti-Patterns
What design patterns are closely related to this one? What are the important differences?
Are there anti-patterns which exemplify what to not do?
Reference Links
Push to the P&P content to further direct configuration, optimization, and implementation
Link to any documentation, online references, webinars, etc. that promote further understanding and direction to implementation
example
Pattern Name
Secured Anonymous Input
IntentWhat does the design pattern do? This pattern is for acquiring private information from an anonymous source that remains secure from other public access.
What is its rationale and intent?There are times when from a public site you may wish to acquire information (e.g., contact data like address, phone, etc.) from a non-authenticated user where you must assure the data you collect remains private. This is the pattern for getting information from an anonymous source in a secure, private manner.
What particular design issue or problem does it address?Securely acquiring information from a pubic facing site's anonymous users.
Design ScenarioA scenario that illustrates a design problem and how the pattern solves the problem
This pattern is for a public facing site that would like to acquire information from a non-logged in user. It might be contact information, a survey where they can securely issue a complaint, or perhaps, financial or other sensitive information to be gathered. For a membership-site, this pattern would be used by the public facing side to present an application for membership to public users. What anonymous users see:
Information may be collected: Access to that information is guarded through obfuscation:
Design Scenario (continued)A scenario that illustrates a design problem and how the pattern solves the problem (continued)
Only Administration has access to the collected data through a web part view only they can access. What administrators see:
Structure/ConceptA representation of the components in the pattern
This feature is implemented using a Custom List: The custom list is created as any normal list with the addition of a calculated field, Thank You, that will contain a message displayed after the private input form is submitted. The field is calculated so that it is not displayed in the input form and so the text displayed can easily be modified by authorized designers only.
The list is made private & secure by deleting the All Items view, replacing it with a Thank-You view (w/no toolbar) that displays only one record (filter ID=1) which is seeded in the list.
Administrative access to the list contents is made through the creation of a Web-Part document library that uses the list's web-part with full toolbar and filter ID≠1.
Further security is obtained by obfuscating the DispForm.aspx for the list (requires SharePoint Designer)
Consequences & Trade-OffsHow does the pattern support its objectives?This pattern is easy to implement and requires little SharePoint Designer involvement to result in an effective, pleasant/clean, and highly functional interface to anonymous users that behaves close to most Web 2.0 systems currently in the public domain.
Not having to deploy custom DLLs is a real plus, especially when working in a Software Plus Services environment where SharePoint is hosted and adding custom DLLs is generally prohibited.
What are the trade-offs and results of using the pattern?Security through obscurity is not as solid as protecting anonymous data through custom code.
Scope ConsiderationsThis is a Micro-feature
Implementation ConsiderationsNo Code: Recommended• Create a Custom List and set up the input fields for the data to be captured.• Create an additional Thank-You field
as a calculated field with the desired post-submit message.
A calculated field is never displayed on the input form. Because the message is displayed both when the form is submitted and cancelled, it must be generic enough to represent both actions.
Implementation Considerations (continued)No Code (continued): Recommended• Modify the default List View a Thank You
view which only presents the calculated Thank-You field, has no toolbar, and only displays the first (seeded) list item.
• A document library (e.g., PrivateContent) is created to host Web-Part Pages with permission set to only allow access to administrators . A Web-Part Page is created in the document library with a web-part to the custom list content. The web-part is configured to display the content as desired (Edit the current view) and a Full Toolbar is used to allow modifications to the custom list settings.
• An SSL link to the SharePoint site is highly recommended when collecting sensitive information.
Implementation Considerations (continued)SharePoint Designer: Best choiceDo the following in addition to the No Code option:• Obfuscate the DispForm.aspx to mitigate
SharePoint-aware hacking.
• Check-Out the associated Thank-You List View (e.g., ThankYou.aspx) and add custom style sheets to format the list display more prominently.
Using a GUID is a good idea.
Implementation Considerations (continued)Visual Studio: Less recommendedThere currently is no value advantage when using Visual Studio in this approach.
Related Patterns & Anti-PatternsWhat design patterns are closely related to this one? What are the important differences?
Initially, one might think that using a Survey with anonymous access would be easier, but this is a completely different approach. Collecting, manipulating, and formatting information out of a custom list is much easier and more flexible when compared to surveys. Further, there is greater control over the response to submitted information in a custom list.
Using a Discussion is similar to a survey, but it renders all input public.
Are there anti-patterns which exemplify what to not do?It is less desirable to collect private or secured information from an anonymous user in any form of an open format.
Any attempt to control anonymous input information with workflow will fail. Forcing impersonation to allow workflow from anonymous accounts is a serious breach of security in that it compromises the entire server greatly.
Reference LinksA complete webinar demonstrating this pattern can be found here:
geekSpeak: Security from a Public, Anonymous Windows SharePoint Services 3.0
demo
SharePoint Pattern Delivery Options
Word
OneNote
InfoPath
Which do you prefer?
More to come with SharePoint 2010!
To be continued…
ReferencesMatt Hessinger, Hessinger Consulting: [email protected] Wilt, Metrics Reporting, Inc: [email protected] 1007 public websites delivered on SharePoint: http://www.wssdemo.com/Pages/websites.aspxAlexander, Ishikawa, Silverstein, "A Pattern Language", New York, Oxford University Press, 1977Gamma, Helm, Johnson, Vlissides, "Design Patterns: Elements of Reusable Object-Oriented Software", Addison-Wesley, 1995Microsoft Patterns & Practices SharePoint Guidance-August 2009: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=91f3c22c-8be7-4721-9449-84f699337d55#tm Kathy Sierra, "Why Web 2.0 is more than a buzzword", 2006, http://headrush.typepad.com/creating_passionate_users/2006/11/why_web_20_is_m.htmlMetrics Reporting SharePoint Learning Center: https://www.mriwm.com/ProjectSites/Learn%20SharePoint/default.aspx
question & answer
Objectives (special)
Your feedback on:Q1: Does this special level of pattern add valve to your solution design efforts?
Q2: Who do you say the target audience of this material should be?
(please write answers to these special objectives in the comments section of your evaluation)
www.microsoft.com/teched
Sessions On-Demand & Community
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learningMicrosoft Certification and Training Resources
www.microsoft.com/learning
Microsoft Certification & Training Resources
Resources
Complete an evaluation on CommNet and enter to win an Xbox 360 Elite!
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.