6. Voraussetzungen
• Office 365 Tenant
Eröffnen Sie einen freien 1-Monat Test:
http://office.microsoft.com/
• Windows Azure
90-Tage freier Test:
http://www.windowsazure.com/dede/pricing/free-trial/
• Visual Studio 2013
• Ein paar Bibliotheken…
Goldpartner:
Veranstalter:
7. Authentifizierung und Identities
Authentifizierung als
berechtigter Benutzer
in unserem Web
Portal
Authentifizierung als
berechtigter
Benutzer/App für das
jeweilige Service
Was darf der Benutzer
in unserer App?
Goldpartner:
Veranstalter:
9. Federated Authentication
1. Request Token
mit
App-ID + Secret
oder
Username +
Password
STS
Authority
2. Get Token
Resource
App
3. Use Token
Achtung: STS Token <> STS Token!
WAAD verwendet JSON Web Token (JWT), SharePoint SAML Token
Goldpartner:
Veranstalter:
10. Live Demo
ASP.NET Web Projekt mit Office 365 Authentifizierung
Goldpartner:
Veranstalter:
11. ADAL for .net
• Active Directory Authentication Library (ADAL) v1 for .NET –
General Availability! (Vittorio Bertocci)
http://www.cloudidentity.com/blog/2013/09/12/activedirectory-authentication-library-adal-v1-for-net-generalavailability/
• Windows Azure Authentication Library (AAL) for Windows
Store: a Deep Dive (Vittorio Bertocci)
http://www.cloudidentity.com/blog/2013/04/22/windowsazure-authentication-library-aal-for-windows-store-a-deepdive/
• ADAL 1.0 and Windows Store Apps
(Alex Simons) – coming soon
http://social.msdn.microsoft.com/Forums/en-US/faf520ce1653-4eac-b398-c4bfcbc5c7fe/adal-10-and-windows-storeapps
11
Goldpartner:
Veranstalter:
15. Integrating Applications
in Windows Azure Active Directory
Access Level Type
Description
Single Sign-On
Default permission. The app is enabled for single sign-on with Azure AD,
and the user token will contain claims such as the user’s User Principal
Name, First and Last Name and unique identifiers.
Single Sign-On,
Read Directory Data
Single sign-on plus the ability to read directory data using the Graph
API. This allows querying of company, user and group information.
Single Sign-On,
Read and Write Directory Data
Single sign-on plus the ability to read and write directory data using the
Graph API. This allows querying and writing of company, user, and group
information, but does not allow deleting users or groups.
http://msdn.microsoft.com/en-us/library/windowsazure/b08d91fa-6a64-4deb92f4-f5857add9ed8.aspx#BKMK_AccessLevels
15
Goldpartner:
Veranstalter:
16. Was kann in Windows Azure
verwendet werden?
Access method
Azure Website
$
Azure Cloud Service
$$$
WAAD
Exchange EWS
Exchange PowerShell
SharePoint CSOM
SharePoint REST
SharePoint PowerShell
Lync SDK
Lync PowerShell
16
Goldpartner:
Veranstalter:
17. Zusammenfassung
• Verwenden Sie Federated Authorization
(OAuth2)
• Verwenden Sie GraphAPI für WAAD
Manipulationen
• Verwenden Sie Office 365 Services
• Entwicklen Sie tolle Lösungen mit Office
365!
Goldpartner:
Veranstalter:
18. Call 2 Action
• Laden Sie diese Präsentation und den
Beispielcode:
http://blog.atwork.at
• Interessiert an einer fertigen Office 365
Produktlösung?
http://delegate365.com
18
Goldpartner:
Veranstalter:
19. Graph API Links
•
•
•
•
•
19
Windows Azure Graph API
http://code.msdn.microsoft.com/Graph-API-Authenticate-and-53c6cb92/view/SourceCode
GraphAPI Explorer
https://graphexplorer.cloudapp.net/
MVC Sample App for Windows Azure Active Directory Graph
http://code.msdn.microsoft.com/windowsazure/Write-Sample-App-for-79e55502
Adding Sign-On to Your Web Application Using Windows Azure AD
http://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx
Group & Role Claims: Use the Graph API …
http://www.cloudidentity.com/blog/2013/01/22/group-amp-role-claims-use-the-graph-api-toget-back-isinrole-and-authorize-in-windows-azure-ad-apps/
Goldpartner:
Veranstalter:
20. SharePoint Links
•
•
•
•
•
20
SharePoint Online Management Shell (PS) http://www.microsoft.com/enus/download/details.aspx?id=30359
OAuth and remote apps for SharePoint
http://msdn.microsoft.com/en-us/library/office/apps/fp179932.aspx
Office365ClaimsConnector
http://www.codeproject.com/Articles/637378/How-to-Create-a-Windows-8App-for-SharePoint-Part
OAuth authentication and authorization flow for apps that ask for access
permissions on the fly in SharePoint 2013
http://msdn.microsoft.com/en-us/library/office/apps/jj687470.aspx
Helper for:
http://json2csharp.com/
Goldpartner:
Veranstalter:
21. Exchange Links
• Microsoft Exchange Web Services Managed API 2.0
http://www.microsoft.com/enus/download/details.aspx?id=35371
• Getting started with the EWS Managed API
http://msdn.microsoft.com/enus/library/dd633626(v=exchg.80).aspx
• Connect to Exchange Online Using Remote PowerShell
http://technet.microsoft.com/enus/library/jj984289(v=exchg.150).aspx
21
Goldpartner:
Veranstalter:
22. Lync Links
• Lync 2013 SDK (only for WPF)
http://www.microsoft.com/en-us/download/details.aspx?id=36824
• Windows PowerShell Module for Lync Online
http://www.microsoft.com/en-us/download/details.aspx?id=39366
• Lync PowerShell
http://blogs.office.com/b/office365tech/archive/2013/08/19/remotepowershell-for-lync-online.aspx
• Using Windows PowerShell to Manage Lync Online
http://technet.microsoft.com/en-us/library/dn362831.aspx
22
Goldpartner:
Veranstalter: