Provider-hosted Config

Use a provider-hosted App with HTTP

Posted on Updated on

In some cases you may want to use HTTP instead of HTTPS in your ISS Web Site for consuming in your SharePoint Provider-hosted App. Here how to do it

if ((Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null)
{
    Add-PsSnapin Microsoft.SharePoint.PowerShell
} 
# Allow SPSecurityTokenService over HTTP
$serviceConfig = Get-SPSecurityTokenServiceConfig
$serviceConfig.AllowOAuthOverHttp = $true
$serviceConfig.Update()
Write-Host “You’re about to do a iisreset. Press any key to continue or CTRL+C to cancel.”
Read-Host
iisreset  
Advertisements

On-Premises Provider-hosted Apps – Part II

Posted on Updated on

Part IOn-Premises Provider-hosted Apps – Creating a Task List and Fundamental Configurations

Part II – Creating a High Trust relationship between your Web Application and SharePoint 2013

In Order to provide a trusted relation between your Web Application and SharePoint, you must tell that your website created in Part I is secure and can be added to the App Catalog and communicate with your Iframe within the Application Part of your Visual Studio project.

Task List

  1. Ensure that your have a non “sharepoint\system” user, eg: “DOMAIN\SP_Apps”
  2. Ensure that the User is part of the Site Collection Administrator in the App Calalog and Target Sharepoint Site
  3. Ensure that the User in the IIS Application Pool for the App Catalog and Target SharePoint Site have Full Control over the folder that have the Certificates
  4. Ensure that your GUID in the Powershell Command is in Lowercase, stupid? ya, but can have some issues

Creating the Full Thrust

if ( (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue) -eq $null )
{
    Add-PsSnapin Microsoft.SharePoint.PowerShell
}
$CertPath = "C:\Certs\ProviderHostedApps.cer"
$CertName = "ProviderHostedApps"
#create certificate from cer file
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)
# Make the certificate a trusted root authority in SharePoint
New-SPTrustedRootAuthority -Name $CertName -Certificate $certificate 
# Get the GUID of the authentication realm
$realm = Get-SPAuthenticationRealm
# Generate a unique specific issuer ID
$specificIssuerId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# Create full issuer ID in the required format
$fullIssuerIdentifier = $specificIssuerId + '@' + $realm 
Write-Host $fullIssuerIdentifier
$tokenIssuerName = "ProviderHostedApps Hi-Trust Apps " + $specificIssuerId
Write-Host $tokenIssuerName
# Register the token issuer
New-SPTrustedSecurityTokenIssuer -Name $tokenIssuerName -Certificate $certificate -RegisteredIssuerName $fullIssuerIdentifier -IsTrustBroker
Write-Host "ProviderHostedApps Issuer ID:" $specificIssuerId
Write-Host "You're about to do a iisreset. Press any key to continue or CTRL+C to cancel."
Read-Host
iisreset 
 

Now go to Central Administration

_admin/ManageTrust.aspx

On-Premises Provider-hosted Apps – Part I

Posted on Updated on

PART I – Creating a Task List and Fundamental Configurations

Part II – Creating a High Trust relationship between your Web Application and SharePoint 2013

There is many information on the Internet in order to configure SharePoint Apps, the problem is that a sequence of small errors can broke your configuration. This article is provided in a way that you can follow a sequence that will help you configuring SharePoint 2013 Provided-hosted Apps On-Premises. I will provide some links in order to you configure each point of the Task List

I assume that you have SharePoint and IT Skills

Before you begin:

SharePoint 2013 Provider Hosted Apps Model:

  1. From Microsoft: Choose patterns for developing and hosting your app for SharePoint – Provider-hosted apps

What tools will i need:

  1. Microsoft Web deploy 3.5
  2. IIS 6.0 Resource Kit

Help me build a Task List in a DEV Environment

  1. Configure DNS
    1. Create a Host A for your main SharePoint Application for IP: 127.0.0.1 sp.domain.local
    2. Create a Host A for IIS Application (Isolated) for IP: 127.0.0.1 web.domain.local
    3. Create a Host A for the App Catalog (Isolated) for IP: 127.0.0.1 apps.domain.local
    4. Edit your host file “C:\Windows\System32\drivers\etc”

The goal pointing to localhost, is you can resolve all sites even not connected to Internet

  1. Configure SharePoint 2013 Apps
    1. Create a App Catalog Site in sp.domain.local under /sites/
    2. Configure SharePoint Central Administration for the App Catalog
  2. Configure IIS for web.domain.local
    1. Install Management service delegate
    2. Manage Certificates
    3. Apply SSL to web.domain.local

Create Hosts in DNS

image

Install Management service delegate

image image

Create a App Catalog Site in sp.domain.local under /sites/

image
image
image

NOTE:

Create as SP_Farm because you Can’t manage Apps as System Account

Manage Certificates

 

image
image
image
Double Click Your Certificate to CER File
 image
Right Click Your Certificate to PFX File
image

Apply SSL to web.domain.local

image
image
image

Hope that help you, I’ll see you on part II