Post on 16-Apr-2017
Roy Kim
July 12, 2014
Designing for SharePoint Provider Hosted Apps On-premise
Key Topics
Traditional On Premises Design Provider Hosted
App Design Usage Scenarios Application Development
Agenda Typical On Premises Design Provider Hosted App Value
Propositions Provider Hosted App Solutions Provider Hosted App Architecture Application Layers Security Aspects Solution Packaging Options Q&A
UI Chrome control
Business logic JavaScript C#/VB Remote Event Receiver
SP data access REST API .NET CSOM JSOM
Custom Data store Security
SP App Authentication Remote app authentication
Typical On Premises App Design
• Full Trust solutions• ASP .NET web forms• Sandbox solution has its limitations• Product Upgrade challenges• Store relational data in lists
Build customizations off of SharePoint Server
SharePointRemote Application
• Customizations• Build on different platforms• High workloads
• SharePoint is more robust• SharePoint is upgradable
Typical On Premises App Design
• More scalable• Cloud Ready
Consists of both an app for SharePoint that is
deployed directly to a SharePoint 2013 site; and
a separately deployed web application.
Can have its own SQL database No automatic list or library
provisioning in the SP host web. Remote app “Manifested” for use in
a SharePoint site
Provider Hosted App Overview
Only App Web
Hosted in its own web serverBrowser
Provider hosted App Architecture
Data StoreLists and Libraries
Business LayerData Access Layer
Presentation LayerBrowser
Business LayerData Access Layer
Presentation Layer
Server Side Approach (e.g ASP .NET)
Client Side Approach (HTML, css, JavaScript)
SharePoint vs Remote Application
User profiles and social
Content and collaborationList based data structures
SharePointHighly transactionalRelational data structuresHigh workloadHigh capacity
Remote Application
Comparison by Design
SharePoint vs Remote Application
Team Sites
PortalContent Management
SharePointCRM
Supply ChainEcommerceHuman Resources
Remote Application
Complimentary Solution Examples
Provider hosted App Architecture
SQL Server
Browser
App Parts
Full Immersive Chrome ControlJquery, Angular,
Bootstrap
Entity FrameworkCSOM, REST
WCF
.NET, Java, PHP
Site column and Content types
Lists & Libraries
Master Pages
Web PartsCustom Web Services
APIs
Themes and styles
Remote App
App Part, Full Immersive Page
(Chrome Control), UI custom action
Application Layer Breakdown
PresentationRendering
UI WidgetsControls
UI Logic
Client API libraries
HTML 5 / CSS
BootstrapJQuery UIModernizr
AngularJSKnockoutJSBackbone
SharePoint REST APISharePoint JSOMSP Cross domain
library
Browser IE, Chrome, FirefoxSafari
Client Side Application Design
Expose Remote App in SharePoint Site
Have app do something to the SP item
Display and interact with
App along side SP data
Take over experience with
App with SP behind the
scenes
UI Custom ActionExpose Remote App in SharePoint Site
Application Programming Interfaces
Browser
SharePoint
REST
WebServer
JSOM
REST
.NETCSOM
API
Data Access Layer Service Interaction
(AJAX)
ServerObject Model
Remote App
Sharepoint APIsSharePoint APIs
How do we get data from another app? SharePoint’s JavaScript cross domain library S2S via web proxy
teamsites.com
app-123.apps.com
S2S
JavaScript cross domain library
Browser level security - Same origin policy
S2S SecurityServer-To-Server Security
Reference:http://blogs.msdn.com/b/scicoria/archive/2013/05/03/using-s2s-for-on-premises-access-with-forms-based-access-fba-in-sharepoint-2013.aspx
App PermissionsApp Only
App + User
User
SharePoint Deployment Artifacts
Structural
• Web Template
• Site column & Content types
• Lists & Libraries
Branding
• Master page
• CSS, JavaScript, images
• Pages
Functional
• Web parts• Application
pages, user Controls
• Event receivers
• Workflows• Provisionin
g logic• Timer job
Solution Packaging
Farm solutions vs. No code solutions vs. App
Farm SolutionNo Code/
Declarative Solution
SharePointApp
Administration servicesPlatform services
End-user solutions
Make it an app where possible
Solution Packaging
Structural
• Web Template
• Site column & Content types
• Lists & Libraries
Branding
• Master page
• CSS, JavaScript, images
• Pages
Functional• Web parts• Application
pages, user Controls
• Remote event receivers
• Workflows• Provisionin
g logic• Timer job• Custom
APIsNo Code/
Declarative Solution
SharePoint
App
Farm Solution
Solution Packaging
Q&A
Thanks to our sponsors!
Connect. Collaborate. Share.
Toronto SharePoint Users Grouphttp://www.meetup.com/TorontoSPUG/
Toronto SharePoint Business Users Grouphttp://www.meetup.com/TSPBUG/
SharePoint Saturday Torontohttp://spbuzz.it/spstoyam
SharePint Drake and Firkin aka “The Drake” 6982 Financial Drive, Unit B101
Don’t Miss the Prizes… Xbox One with Kinect Your favorite SharePoint books Training vouchers Office 365 Swag
(tweet #ShareSelfie #spstoronto to win) Vendor gifts and raffle
SecurityOptions for accessing SharePoint data from your remote app or inbound scenarios
Options for accessing data on your remote app from SharePoint or outbound scenarios
From Server
From Browser