This document provides an overview of provider hosted apps in SharePoint 2013. It discusses what SharePoint apps are, the different types of apps, and the definition of host and app webs. It also covers how to create a high trust provider hosted app, including debugging, packaging, and deployment. The presentation includes a demo and questions from attendees.
SharePoint 2013 “App Model” Developing and Deploying Provider Hosted Apps
1. 1
SharePoint 2013 “App Model”
Developing and Deploying Provider HostedApps
Sanjay Patel
Principal Consultant
Neudesic
Sanjay.Patel@neudesic.com
2. 2
Agenda
What are they(SharePoint apps)?
Types of SharePoint Apps
Definition: Host Web and App Web
Creating High trust SharePoint Provider Hosted App
Debugging - Provider Hosted App
Packaging and Deployment of Provider Hosted App
Demo
Questions
2
3. 3
SharePoint Apps The “new coolness” of adding functionality to your SharePoint site
It is a new and preferred way of doing development going forward
Apps are essentially web applications which run “Outside” of
SharePoint Host Web
It is a web application that is registered with SharePoint using an
app manifest.
You can use any language, such as HTML, JavaScript, PHP, or
.NET
Common IDEs are Microsoft Visual Studio 2012, and a new web-
based tool, "Napa" Office 365 Development Tools
You can connect your app with just about any internal or public web
services, take advantage of the new OAuth 2.0 support in
SharePoint, and use the Representational State Transfer (REST)
and client APIs (JavaScript and .NET) to integrate and connect your
app with SharePoint.
Use Client Side Object Model (CSOM) to talk to SharePoint
JavaScript (asynchronous)
.NET (synchronous or asynchronous)
A lot more hassle then the old method, but it is the “new coolness”
Why Apps?
5. 5
Summary: Cloud Hosted vs.
SharePoint Hosted
5
Cloud Hosted Apps SharePoint Hosted Apps
It is a preferred hosting model for almost all types
of apps
It is good only for smaller apps & resource
storage
It provides full power of web – choose your
infrastructure & technology
It is SharePoint-based; no server-side
code
This may require your own hosting It is automatically hosted in SharePoint
6. 6
Definition: Host Web and
App/Remote Web
“Host” web – The website where the app is installed, The website from where the app is
launched
https://neudesic.sharepoint.com/clients/microsoft
“App” web – The “special” website where the app is deployed to
In the same site collection as “host” web
https://app.prefix-app.id.neudesic.sharepoint.com/clients/microsoft
AKA
http://app-bdf2016ea7dacb. neudesic.sharepoint.com/clients/microsoft
7. 7
Creating a High Trust Provider
Hosted App
Create a Site Collection using “Developer Site” template
Create test certificate
Generate an Issuer ID - A high-trust app uses a certificate instead of a context token to
establish trust
Configure SharePoint 2013 for server -to-server app use and configure trust for your app
(Add the certificate to SharePoint’s list of trusted root certificate authorities)
Create a trusted security token service. Which fetches metadata from your app (for
example, the certificate) and establishes trust with it, so that SharePoint 2013 can accept
tokens that are issued by your app
Create a SharePoint Project using “App for SharePoint 2013” project template
Configure App Permissions (e.g. Site Collection, BCS etc.)
Add functionality into the App as per your requirement
7
8. 8
Debugging - Provider Hosted
App
Point project to the to the “Developer Site” site instance in project properties
Hit F5
The application gets deployed to “Developer Site”– it becomes “Host” web
The App gets deployed to “Remote” web
When you are debugging the Remote Web will be deployed on IISExpress
Communication between SharePoint and the Remote web on IISExpress will happen
using server-to-server protocol
8
9. 9
Packaging and Deployment of
Provider Hosted App
Register your High-Trust app by obtaining an AppId and Secret
(http://yoursite/_layouts/15/appregnew.aspx)
Publish App – (Use AppId as ClientId)
Generated Artifacts
<SharePointApp>.app(.zip file)
AppIcon.png
AppManifest.xml
Elements and Feature file(s)
<SharePointApp>.Web.deploy.cmd
<SharePointApp>.Web.deploy-readme.txt
<SharePointApp>.Web.SetParameters.xml
<SharePointApp>.Web.zip
Deploy Remote Web using Microsoft Web Deploy(msdeploy)
Publish.app in App Catalog
Install the App
9
11. PRINCETON SHAREPOINT USER GROUP
• Different SharePoint discussions each
month on various topics. Announced on
meetup.com
• Meets 4th Wednesday of every month
• 6pm – 8pm
• Infragistics Office
• 2 Commerce Drive, Cranbury, NJ
• http://www.meetup.com/princetonSUG
• http://www.princetonsug.com
12. THANK YOU
EVENT
SPONSORS
• Platinum & Gold sponsors
have tables here in the
Fireside Lounge
• Please visit them and
inquire about their
products & services
• To be eligible for prizes
make sure your bingo
card is signed by all
Platinum/Gold
Why Apps?The number of concepts and artifacts makes SharePoint difficult to learn, End users get confused with many options in ribbon and on the page so Microsoft found that user only understands 1) Site, 2) People 3) Apps 4) Themes, So they want to center the SharePoint experience on these conceptsAside from the end-user perspective, Apps fill a technical need as well. There have been big issues with fully-trusted applications. They can destabilize the farm; they are difficult to migrate to new versions of SharePoint.The initial attempt to solve this problem was sandboxed solutions. The problem with sandboxed solutions is that they were very limiting.Custom code runs inside SharePoint environment , Farm solution runs inside the worker process of the host siteMicrosoft doesn’t want us to write server side code…why? So that people don’t blame them!The app model enables developers to create new solutions that can be implemented using various different UX approaches. These different approaches can be used individually or combined:Immersive/Full Page: This would be an app that does not leverage much from SharePoint except possibly the user interface. An example of this would be the Office Web Apps or an app such as a CRM or accounting system.Part App: These types of app may simply add a Web Part to a site that act as the gateway/window to another app or service. Examples could be a time reporting or news control.Extension App: These types of apps could be a mix of SharePoint & non-SharePoint assets. For example a time reporting app could use SharePoint document libraries to store timesheets and extend the ribbon / Site Actions menu to submit new timesheets and approve them.
Cloud-hosted: Includes at least one remote component and may also include SharePoint-hosted components. Within this category are two important types of apps:Provider-hosted: These apps include components that are deployed and hosted outside the SharePoint farm. They are installed to the host web, but their remote components are hosted on another server.Write in anything (ASP.NET, PHP, Ruby, whatever)CSOM – JavaScript and .NETHard to deal with AuthenticationPowerfulCould be really richAuto-hosted: Remote components are provisioned and deployed for you on Windows Azure. As with a provider-hosted app, an auto-hosted app for SharePoint interacts with a SharePoint website but also uses resources and services that are located on a remote site that is hosted by Windows Azure. What’s different with an Azure Auto-Hosted app is that the app package contains the website & database in the package. When the app is installed in a site, SharePoint handles the automatic provisioning of the database (as a SQL Azure database) and website (as an Azure hosted website) using an account that has been setup by the SharePoint farm administrator.Package Includes ASP.NET website and Database CSOM – JavaScript and .NETOnly works in Office 365/SharePoint OnlineSharePoint-hosted:SharePoint will host the app in a special isolated subweb (SPWeb) called AppWeb that has all the same capabilities of a regular SPWeb.Server side code is not permittedAll logic & code runs in the clientEasy to buildLargely UselessCSOM – JavaScript
A high-trust app is a provider-hosted app for SharePoint for use on-premisesA high-trust app uses the server-to-server protocolIt's not intended for use in a cloud-hosted environment.The issuer ID and the certificate together identify the issuer of the app. The issuer ID must have a one-to-one correspondence with the certificate, so whenever you create a new certificate for a high-trust app, you must create a new issuer ID to associate with it, and if you use the same certificate for more than one app, you must associate the same issuer ID with itAdd the certificate to SharePoint’s list of trusted root certificate authorities Create a trusted security token service. Which fetches metadata from your app (for example, the certificate) and establishes trust with it, so that SharePoint 2013 can accept tokens that are issued by your app Permissions (Full Control, Read, Write or Manage)Token Helper