My Apps on the SharePoint Store

My Books

  • Apps
  • Azure
  • REST
  • CSOM/JSOM
  • Service Apps
  • WCF
  • REST/OData
  • CSOM/JSOM
  • SharePoint API
  • Silverlight
  • jQuery

Recent blog posts

User login

Home | Blogs

Stephane Eyskens's blog

SharePoint 2013 - Consuming custom WCF services from SharePoint-Hosted Apps in Authenticated Mode

Hi,


I don't know if you ever tried the following :

  • Create and deploy a custom WCF service inside of SharePoint using one of the built-in factories
  • Consume that WCF service from a SharePoint-Hosted App, ie via JavaScript

but if you did, you probably encountered the following problem:


The endpoint /_vti_bin/yourendpoint is not accessible in the context of a SharePoint App


SharePoint 2013 - My top 10 tips to speed up a development environment

Hi,

I've been working with SharePoint for quite a few years now in many different environments using both on-premises and Cloud-based solutions and a constant remains : SharePoint development environments are slow...

Here are a few tips that can help to speed up your dev machines.

SharePoint 2013 vs IBM Connections 4.5 - Comparison from the field

Hi,

In this blog post, I'm going to play a dangerous game which consists in comparing two products. Whenever you perform benchmarks, there is always a risk to underestimate some features and to overestimate others. Moreover, since I'm a SharePoint MVP, one could consider that I might not be totally objective in my comparison.

SharePoint 2010 Search Powershell Warmup tip with multiple authentication providers

Hi,


As you know, warmup scripts are used to "wake up" SharePoint so that when the first users are in the office, they don't encounter a very slow page load. On top of waking up the application pools of the web applications, one can also envision to wake up some services.

In a full Windows based authentication, including of course Claims & Windows, it is quite easy to do. However, in a scenario when you have a single zone with multiple authentication providers, say for instance Claims/NTLM-Kerberos & Forms/Custom Membership, things get a little more complicated.

Migrating SharePoint 2010 to 2013 applications, my top 10 attention points

Hi,

Now that I've been actively involved in two SharePoint migrations from 2010 to 2013, let me tell you what caused me the most headaches and what you'd better not underestimate in case you come yourself to migrate.

I'm not going to talk about refactoring and/or upgrading the code to be more compliant with 2013 except for the extreme situations such as using old legacy SharePoint components. So, most of the comments below are about an "as is" migration and things to consider seriously.

SharePoint 2013 migration tip - Custom Field Types

Hi,

As you might now, SharePoint 2013 comes with a native support of 2010 based solutions & user experience. It ships with two different paths such as:

  • Two different GACs. 2010 packages still deploy to the .NET 2/3/3.5 GAC while 2013 packages deploy to the .NET 4 GAC
  • Two physical locations for the TEMPLATE folder in 14 & 15
  • Some extra virtual directories in IIS to target either 14 (default) either 15 (explicit inclusion)

SharePoint 2013 - Integration Challenges - #5 Same Origin Policy - HTML5 postMessage

Hi,

I'm currently involved in integrating SharePoint with IBM Connections and I'm having a lot of fun trying to figure out all the possibilities. Since these integration considerations are not specific to SharePoint/IBM Connections, I'll blog a series of posts which will be rather short or rather long according to the topic I'm focusing on.

In this post, I'm going to focus on HTML5 postMessage. The HTML5 PostMessage API is another means to allow cross-origin communication. In a nutshell this is based on iframes or windows that are used as intermediate objects to establish the communication between the parent page and the child page as shown below:

  • 1. The parent page embeds an IFRAME that points to the child page. Both the child page and the parent page declare a onmessage handler to receive incoming messages
  • 2. The parent page sends a message, usually in JSON format to the child page using the htmlPostMessage method of the IFRAME object
  • 3. The child page potentially replies something

  • There are other modes based on popup windows but the concepts are similar.


    Scenario


    In this post, I'm going to elaborate on a scenario where a page hosted in IBM Connection consumes SharePoint data. Here is a screenshot of that page:

    When clicking on the buttons, the page retrieves in JSON format either the list of documents (excluding pptx) authored by the current user, either the list of presentations (only pptx).



    Let's code it now




SharePoint 2013 - Integration Challenges - #4 Same Origin Policy & Authentication - CORS

Hi,

I'm currently involved in integrating SharePoint with IBM Connections and I'm having a lot of fun trying to figure out all the possibilities. Since these integration considerations are not specific to SharePoint/IBM Connections, I'll blog a series of posts which will be rather short or rather long according to the topic I'm focusing on.

In this post, I'm going to focus on CORS (Cross Origin Resource Sharing) and SharePoint 2013 considering that one way to consume SharePoint data from non Microsoft products is to leverage the SharePoint 2013 REST APIs. Microsoft solutions could make use of the CSOM but it's not available when working with Java. Moreover, CORS is bi-directional while the CSOM in combination or not with the App Model is meant to consume SharePoint data from remote but not the other way around. Moreover, the App Model is also most suited when remaining in the Microsoft stack. I know that you can build provider-hosted apps with any technology including JAVA but it's probably not the easiest path.
So, I'll take the angle of a remote application (say java) that tries to consume SharePoint's REST API. But the same kind of technique can be used if you wish to work the opposite way (from SharePoint to a Remote App exposing some REST APIs)
If you haven't read my previous posts of this integration challenges serie (click the Integration tag), you'd better do it to have a full picture of the possibilities. I'm not going to explain what's the same-origin policy anymore.

CORS recap


In a nutshell, CORS is a communication between a browser and a server based on specific HTTP headers. The below schema shows a basic CORS conversation between a browser and a server:

where:

  • 1) The preflight options request is sent depending on several factors such as the VERB being used (GET,POST,PUT,DELETE) and some custom headers emitted by the client request. Also, this preflight request can be cached using the max-age attribute.
  • 2) The server *should* return a 200 response including the expected CORS http headers.
  • 3) According to the headers returned by the server in the response, the browser will perform or not the actual cross-domain request
  • 4) The response from the remote domain

As this schema shows, this looks quite simple. On the server-side you can control which origin is allowed and which methods. So, you could for instance decide that GET and POST are allowed but not PUT and DELETE.
You could allow some specific HTTP Headers or not etc..



Ok for the theory but what about real world?






SharePoint 2013 - Integration Challenges - #3 Same Origin Policy & Authentication - Cross-Domain Library

Hi,


I'm currently involved in integrating SharePoint with IBM Connections and I'm having a lot of fun trying to figure out all the possibilities. Since these integration considerations are not specific to SharePoint/IBM Connections, I'll blog a series of posts which will be rather short or rather long according to the topic I'm focusing on.
In this post, I'm going to focus on the SharePoint Cross-Domain library which turns out to be suitable only in some scenarios.



Read this one first


Make sure you read this post first http://www.silver-it.com/node/150


SharePoint 2013 - Integration Challenges with remote applications - #2 Same Origin Policy & Authentication - Reverse Proxy

Hi,

I'm currently involved in integrating SharePoint with IBM Connections and I'm having a lot of fun trying to figure out all the possibilities. Since these integration considerations are not specific to SharePoint/IBM Connections, I'll blog a series of posts which will be rather short or rather long according to the topic I'm focusing on.

In this post, I'm going to focus on very common problems when dealing with integration of external products.



Which API should I use?