Transcript ABOUT ME
SharePoint Apps for the IT Pro
#spsnl 2014
ABOUT ME Thomas Vochten SharePoint MVP. Platform architect. Speaker. Trainer. Involuntary DBA. Consultant at Xylos. V-TSP at Microsoft.
@thomasvochten http://thomasvochten.com
AGENDA
INTRODUCTION TO APPS
THE PROBLEM WITH FULL TRUST CODE (FTC)
PREVIOUS ATTEMPTS TO FIX THE PROBLEM
MORE FRUSTRATIONS
WELCOME TO THE CLOUD APP MODEL (CAM)
EVERYTHING IS AN APP
THE NEW MICROSOFT ?
http://officespdev.uservoice.com/ https://officeams.codeplex.com/
TYPES OF APPS
SHAREPOINT HOSTED APPS
PROVIDER HOSTED APPS
PROVIDER HOSTED APPS
AUTO HOSTED APPS
APPS POSITIONING
APPS USER EXPERIENCE
SHAREPOINT STORE
WHO DO YOU TRUST ?
APP PROVISIONING
FULL PAGE
APPS UI COMPONENTS
PREPARING THE INFRASTRUCTURE
DEMO ENVIRONMENT
“Host-named site collections are the preferred method to deploy sites in SharePoint 2013”
From: TechNet
Exploring the demo environment
DNS PREREQUISITES
CHOOSE AN APP DOMAIN
CERTIFICATES
ROUTING WEB APPLICATION https://app-bdf2016ea7dacb.contosoapps.com/...
Routing Web App No host header
ROUTING WEB APPLICATION https://app-bdf2016ea7dacb.contosoapps.com/...
ROUTING WEB APPLICATION
SHAREPOINT PREREQUISITES
SHAREPOINT CONFIGURATION
CONSIDERATIONS
Configuring infrastructure for Apps
SIMPLE, RIGHT?
APPS SECURITY
SECURITY BASICS
SharePoint 2013 can authenticate Apps!
APP AUTHENTICATION It just works
AUTHENTICATION FLOW
start authentication does request target a CSO M/REST endpoint?
no yes does request carry a claims token?
yes does request target URL of an app web?
no does request carry an access token?
yes does access token Carry user identity?
yes yes App Authentication (app and user identity) no no App Only Authentication No Authentication (anonymous access) no User Authentication
end aut hentication
APP PERMISSIONS
LOW TRUST VS HIGH TRUST
LOW TRUST VS HIGH TRUST
SharePoint
On premises On premises Office 365 Office 365
Remote App
In cloud On premises In cloud On premises
Trust broker
ACS, certificate ACS, certificate ACS ACS
KERBEROS?
SAML AUTHENTICATION
SUMMARY
QUESTIONS ?
#spsnl @thomasvochten