For those of you who are "in the app way" with SharePoint 2013 (no, not a lot different from being "in the pregnant way", as they say), you'll reach that point sooner or later where the token signing certificate for your SharePoint STS expires if you are using low trust apps on premises. Why is…
Tag: App Model
Debugging SharePoint Apps That Are Hosted In Windows Azure Web Sites
Today, I'm going to be the lazy human I'm so frequently accused of being by my somewhat faithful dog Shasta, and bring together two posts written by two other folks into one uber "ain't it cool how this all works together post" by me. Here are the two concepts we're combining today: Publishing a provider-hosted…
Getting the Current User Identity in a Low Trust App in SharePoint 2013
Today's post comes primarily because it's a common question, but not because it's a particularly brilliant answer; maybe just a bit unexpected. If you followed the some of the differences between low trust and high trust apps in SharePoint, you will know that in a low trust app, SharePoint knows who the user is, versus…
Another Tip if Visual Studio Times Out Trying to Deploy Your App in SharePoint 2013
I've had this happen to me, seemingly randomly, a number of times before. You open Visual Studio and create a new SharePoint App. You go through the wizard and then hit F5 to run, deploy and debug your app. Something happens along the way though…you watch the output window and it just keeps counting time…
How To Control App Token Lifetimes in SharePoint 2013
Today's post is the first selection from the little twitter contest I announced on the Share-n-Dipity blog a few days ago: http://blogs.technet.com/b/speschka/archive/2013/09/04/use-social-tools-to-tell-me-what-you-want-to-see-here-next.aspx. Shariq wanted to know more about the lifetime for high trust app tokens, as he tweeted here: @speschka – I would be keen to understand more around caching tokens in High Trust Apps….
Security in SharePoint Apps – Part 8
PREVIOUS: Security in SharePoint Apps – Part 7 For this, the very last in the series, I just wanted to briefly talk at a high level about the process you should be doing when developing an App for a SharePoint site that uses SAML (or FBA for that matter). I’ve already written a detailed post…
Security in SharePoint Apps – Part 7
PREVIOUS: Security in SharePoint Apps – Part 6 In this part of the series, I’m going to shift gears a bit and talk about high trust apps and the plumbing that goes along with them. As I’ve explained somewhat earlier in this series, one of the big differences between low trust and high trust apps…
Security in SharePoint Apps – Part 6
PREVIOUS: Security in SharePoint Apps – Part 5 As promised, in this part of the series we’re going to talk about the big dogs of App security – those options that you can use to let you do anything, anywhere with your content. Specifically we’re going to look at App Only policy apps, and tenant…
Security in SharePoint Apps – Part 5
PREVIOUS: Security in SharePoint Apps – Part 4 As promised in Part 4, there’s actually a very interesting type of application that you don’t even install in a site collection. How can this be you ask…well let’s talk about it. With most apps, you have to deploy it somewhere to be installed – the SharePoint…
Security in SharePoint Apps – Part 4
PREVIOUS: Security in SharePoint Apps – Part 3 In Part 3 I talked about how SharePoint sends over a context token with the request for an App when using low trust (this does NOT come over to a high trust app). It’s worth looking at what a context token is, and how we compare that…