1 / 22

Developing SharePoint Apps for Office 365

Developing SharePoint Apps for Office 365. Steve Wright Senior Manager Sogeti USA, LLC. Contact Info. Thank You!. For Sponsoring the Developer Track. About Me – Steve Wright. Senior Manager in Sogeti’s Business Information Management (BIM) Practice

gomer
Download Presentation

Developing SharePoint Apps for Office 365

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Developing SharePoint Apps for Office 365 Steve Wright Senior Manager Sogeti USA, LLC Contact Info

  2. Thank You! ForSponsoring the Developer Track

  3. About Me – Steve Wright • Senior Manager in Sogeti’s Business Information Management (BIM) Practice • SharePoint and .NET Consultant in Omaha for 17 years • Author of books on SQL Server, SharePoint Business Intelligence, SharePoint Governance and SharePoint Designer • New book on app development from Apress E-Mail - Steve.Wright@us.sogeti.com

  4. Agenda • Introduction to the Cloud App Model • Comparing SP 2010 and SP 2013 Development • Using SharePoint Apps in SharePoint • App Architecture and Patterns • UI Components of a SharePoint App • The Development Environment • Security in SharePoint Apps • Q&A

  5. Introduction to the Cloud App Model Cloud App Model was introduced in SharePoint 2013 as an alternative to Full Trust and Sandboxed solutions. • Similar to the development model introduced for Windows 8, the Windows Runtime (WinRT), Office 2013, and Windows Phone 8. • A SharePoint app is a single package of functionality that can be installed, used and uninstalled on a SharePoint site with very little overhead or footprint on the SharePoint server farm. • App files are managed entirely by SharePoint itself. There are no solution files scattered throughout the SharePoint "hive".

  6. Solutions for SharePoint 2010 Revisited • Applications built for SP 2010 were of two varieties. • Full Trust Solutions • Access to everything in the server farm. • Security dependent on the developer. • Poorly written solutions could cripple or crash the server farm. • Too much access. Too little control. • Sandboxed Solutions • Limited to accessing resources within their own site collection. • Restricted to a subset of the server-side model. • Ran in a separate Windows process to protect SharePoint. • Too limited. Too difficult. DEPRECATED!

  7. Apps Designed for the Cloud The Cloud App Model was designed to improve performance and stability of multi-tenant SharePoint deployments like SharePoint Online. • No client application can be allowed to produce an unmanageable load on the farm or crash server processes. • Apps cannot execute ANY CODE within the SharePoint server farm. • Apps use client-side technologies like JavaScript and web service calls for all custom logic. • SharePoint 2013 contains a vastly-improved Client-Side Object Model (CSOM) for use by apps. The Server-Side Object Model (SSOM) is not available to apps. • Apps use sophisticated web service call mechanisms like REST and OData to access SharePoint data and remote resources.

  8. Using Apps in SharePoint 2013 Using apps for SharePoint is very similar to using apps on mobile devices such as Android- or iOS-based phones. • A SharePoint app can be acquired from the SharePoint Store or from an App Catalog deployed by the organization. • The app is installed into a SharePoint site, not the server. • An authorized user installs the app on a site which then makes it available to other users. • When the app is no longer needed it is uninstalled by the user and all associated files and configurations are removed completely.

  9. DEMO – Using an App in SharePoint Let’s play Tic-Tac-Toe!

  10. Design Patterns - App Structure SharePoint App Webs • Host Web - where the app is installed • App Web - contains the apps files • Remote Web - contains ASP.NET server-side logic SharePoint App Project Templates • SharePoint-Hosted– Host + App? • Auto-Hosted– Host + App + Azure-hosted Remote Web • Provider-Hosted– Host + App + Self-hosted Remote Web

  11. Design Patterns – Client-Side vs. Server-Side Rules of Thumb • Use client-side code whenever possible. • Use server-side code (i.e. remote web) only when necessary. • Server-side code runs outside of SharePoint, so • It is outside SharePoint's security boundary. • It must use client libraries or web services to access SharePoint just like browser-based code.

  12. SharePoint App UI Components • Immersive Web Pages - Full browser pages served from the app web or a remote web. • Client Web Parts - Provides the contents to an IFRAME embedded in a SharePoint page as a web part. (a.k.a. App Parts)

  13. SharePoint App UI Components (Cont.) • Style Sheet Inheritance – Conform to the host site’s branding. • Chrome Control – Inherit navigation and contextual elements from the host site. • Custom Actions - Provide new menu items on the ribbon or Edit Control Block (ECB).

  14. DEMO – Hello World! Because what would a development talk be without one?

  15. The Development Environment • Server Infrastructure • SharePoint Online (part of O365) • On-site SharePoint 2013 Server farm • No client OS installation supported! • Developer Environment • Workstation • Visual Studio 2012 • Microsoft Office Developer Tools for Visual Studio 2012 • Napa Office 365 Development Tools • Free development tool available in the Office Store • Actually a provider-hosted SharePoint app!

  16. DEMO – Napa / Client Web Part

  17. Security - Tokens SharePoint Apps use tokens to represent various security-related values. • Generated and passed between components to provide secure communications. • Tokens used by SharePoint use the Security Assertion Markup Language (SAML) XML format. • Tokens are only useful when the party receiving the token trusts the token issuer. • Types of Tokens • Identity (or User) Token • Server-to-Server Token • Context Token • Access Token

  18. Security – App Permissions The app must request specific permissions in its manifest. The user must grant those permissions in order to install the app. • Scope- Specifies the SharePoint resources that are accessible to the app. • Permission - Specifies the type of actions that can be taken on the resource. • Properties - Optionally, specifies additional information for the scope of the permission. <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="Write"> <Property Name="BaseTemplateId" Value="101"/> </AppPermissionRequest>

  19. Security - Authentication Users: "Who are you?" • SharePoint 2013 uses claims-based authentication. • On-site - Use Active Directory, FBA or custom claims providers. • Online - Microsoft Online Directory Service (MS-ODS) • Hybrid - Use identity federation (eg. ADFS) to manage users in both environments. Apps: "What app are you using?" • Each deployed app has a unique identity. • App identity used to grant permissions tothe app's codebase.

  20. Security - Authorization Policies "What are you allowed to do?" • User-Only Policy- Access is granted based only on the user's identity. • User+App Policy- Access is granted only if BOTH the user AND the app have the required permissions. • App-Only Policy- The app provides the necessary user identity information with each request. (“High-Trust” apps only)

  21. DEMO – Access SharePoint Data

  22. Questions? E-Mail - Steve.Wright@us.sogeti.com Contact Info

More Related