Developing Secure Mobile Applications from SharePoint Presented by Seyfarth Shaw LLP and Something Digital
Glenn Ferrie, Practice Manager, Something Digital, LLC
Mark Soriano, Application Development Manager, Seyfarth Shaw LLP
Byong Kim, Senior Legal Solutions Architect, Seyfarth Shaw LLP
June 10, 2014
Session Topics
- Seyfarth Shaw: Our journey upgrading SeyfarthLink to SharePoint 2013 to enhance the user's mobile experience
- Something Digital: Explore different methods of developing secure applications in SharePoint 2013
Polling http://ilta.cnf.io/sessions/101
What mobile app do we build?
- Immediate business need was to bring SeyfarthLink, Seyfarth Shaw's client collaboration platform, to be supported on mobile devices
- Clients and attorneys constantly asked whether or not their iPad or iPhone could be used
- Decision to not build a mobile application for the sake of it
- The Firm wanted to develop something that would be utilized instead of spending the time and resources to build an application for marketing purposes
- Factors for our decision making: Learning Curve, Time/Cost, Demand
What approach we used
- Conducted a 3 day strategy session with a consulting firm focused on mobile application development
- Discussed pros and cons for: Native Application, Mobile Website, Hybrid Application
- SharePoint 2013 vs SharePoint 2010: Mobility, HTML5, SharePoint 2010 Mode, Upgrade path, Search, Security Enhancements
SharePoint Security Then and Now
THEN
In earlier releases of SharePoint, IT Pros and developers could rely on Active Directory or Forms-based authentication.
Active Directory / NTLM
- On-premises
- Difficult to invite 3rd parties
Forms-based Authentication
- Easier to invite 3rd parties
- Developers managed user access
- 1st class user management took time to develop
No great story for mobile users here
SharePoint Security Then and Now
NOW
With SharePoint 2013*, IT Pros and developers can use existing protocols for authentication as well as Claims-based authentication. With appropriate configuration, identity can be federated across many applications spanning trust realms.
*you can do this with SP 2010
- Active Directory / NTLM
- Forms-based Authentication
- Claims-based Authentication
- Federated Identity
Responsive Mobile Experience for SharePoint 2013
- Improved compatibility with mobile browsers for Android and iOS
SharePoint Security and Now
Claims-based: The Basics
This is the simplest view of Claims-based Authentication.
Issuers: Active Directory, Office 365, Microsoft, Google, Yahoo, Facebook, etc.
SharePoint Security and Now
Claims-based: How it works
[Figure: numbered flow (1-6) between the client, the issuer, and the relying party]
In this graphic you will see: you (aka the client), the issuer, and the relying party. The relying party is any application, service, or resource secured with claims-based auth.
1. Unauthenticated client requests access to relying party
2. Relying party redirects the client to the issuer
3. Issuer prompts client for identification
4. Client authenticates with the issuer
5. Issuer redirects secure request to relying party
6. Relying party provides access to the client
SharePoint Security
SeyfarthLink
- Needed to refactor custom code that was specific to authentication
  - Encoded format: i:0#.w|<domain>\<user>
  - Any reference to username: Navigation, Documents, Recent Activity
- SharePoint 2010 Mode
  - Can leverage claims-based by conversion
  - Upgrade path to 2013 for each site more difficult
  - Decided to create fresh 2013 sites and migrate content ourselves
- F5 BIG-IP Appliance
  - Access Policy Manager (APM): Reverse Proxy Server
  - Local Traffic Manager (LTM): Load balancer
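The username refactoring described on this slide, as an added example (not SeyfarthLink code or code from the presenters): a JavaScript helper that accepts both the legacy <domain>\<user> form and the claims-encoded form with the i:0#.w prefix, compares accounts on the parsed domain and user instead of the raw string, and rejects anything it cannot parse. The function names and the sample accounts are assumptions made for the illustration.

```javascript
// Added example: names and sample values are constructed, not from SeyfarthLink.
// Claims prefix i:0#.w = identity claim, reserved 0, logon-name claim type (#),
// string value (.), Windows issuer (w); the account follows the "|".
const WINDOWS_CLAIM = /^i:0#\.w\|([^\\|:]+)\\([^\\|:]+)$/i;
const LEGACY_ACCOUNT = /^([^\\|:]+)\\([^\\|:]+)$/;

// Parse either encoding into a canonical { domain, user } pair, or null.
function parseLogin(raw) {
  if (typeof raw !== "string") return null;
  const value = raw.trim();
  const claim = WINDOWS_CLAIM.exec(value);
  const match = claim || LEGACY_ACCOUNT.exec(value);
  if (!match) return null; // unknown encoding: fail closed, never guess
  return {
    domain: match[1].toUpperCase(),
    user: match[2].toLowerCase(),
    encoding: claim ? "claims" : "legacy",
  };
}

// Identity comparison for code that previously compared raw username strings.
// Comparing parsed fields avoids suffix or substring matches, which would
// treat a look-alike domain as the same account.
function sameAccount(a, b) {
  const x = parseLogin(a);
  const y = parseLogin(b);
  return x !== null && y !== null && x.domain === y.domain && x.user === y.user;
}

// Inventory stored usernames before migration: which are already claims-encoded,
// which still use the legacy form, and which need manual review.
function auditLogins(values) {
  const report = { claims: [], legacy: [], rejected: [] };
  for (const v of values) {
    const parsed = parseLogin(v);
    report[parsed ? parsed.encoding : "rejected"].push(v);
  }
  return report;
}

// Constructed sample data.
const stored = [
  "CONTOSO\\alice",
  "i:0#.w|contoso\\Alice",
  "i:0#.w|evilcontoso\\alice",
  "i:0#.w|contoso",
];
console.log(auditLogins(stored));
console.log(sameAccount(stored[0], stored[1])); // true
console.log(sameAccount(stored[0], stored[2])); // false
```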
SharePoint Mobile Responsive Design
Out-of-the-box (OTB) vs Custom
- SharePoint 2013 - Contemporary View
- SharePoint Device Channel - Detect specific device being used
- Hybrid - SharePoint OTB Contemporary View and our own custom mobile responsive design
Web Controls
- Example: Grids, Textboxes, Dropdowns
- Conversion of Telerik/.NET web controls to Telerik Kendo UI
SharePoint Mobile Responsive Design
Transition from desktop to mobile device
- One webpart for both desktop and mobile experience
- Show/hide styles and functionality based on screen width/height
- Easier maintenance and support
- Mobile device agnostic
- Native device functionality limited
Client/Server Development
Client Side: JSON, jQuery, CSS 3
Server Side: WCF, SharePoint Object Model
Testing
- Ramping up both onshore and offshore resources
- Automated testing when we can, but with mobile devices, having team members be involved with usability testing
- Leverage existing/available tools: Visual Studio 2013, Microsoft Test Manager, Team Foundation Server
- Invested in mobile devices for testing: iPhone, iPad, Nexus 7, Google Glass
DEMO: SeyfarthLink for Mobile
Demo application
- SeyfarthLink - Desktop
- SeyfarthLink - Mobile (using responsive design)
SharePoint Security and Now
Federated Security enables collaboration across multiple systems, networks, and organizations in different trust realms.
Legend
- AD: Active Directory
- STS: Security Token Service
- RP: Relying Party (App)
- Trust Realms: A set of resources protected by an identity provider and its associated policy
More info: http://msdn.microsoft.com/en-us/library/ms730908(v=vs.110).aspx
SharePoint 2013 Security
Security Model Options / Platform Support
http://technet.microsoft.com/en-us/library/fp161350(v=office.15).aspx
DEMO: Federated Auth Sample
- SharePoint 2013 Online (data)
- Federated Authentication
- Office 365
- Microsoft Azure AD
- ASP.NET MVC 4 + Bootstrap
- Azure Web Sites
- SharePoint 2013 CSOM
Free Stuff! Just for you
FREE Online resources that will enable you to start creating mobile web sites with SharePoint 2013 and Azure, including the source code from the SD Demo.
- Free SharePoint 2013 Trial: http://technet.microsoft.com/en-US/evalcenter/hh973397.aspx
- Free Microsoft Azure Trial: http://azure.microsoft.com/en-us/pricing/free-trial/
- Azure Dev Tools: http://azure.microsoft.com/en-us/downloads/
- Source code (GitHub): https://github.com/glennferrie/ilta2014demo
- Telerik Kendo UI: http://www.telerik.com/download/kendo-ui
Links & References
SharePoint, Security, Compliance
Links for IT Pros and Developers configuring SharePoint environment on-premises or in the cloud.
- The Office 365 Trust Center - http://office.microsoft.com/en-us/business/office-365-trust-center-cloud-computing-security-FX103030390.aspx
- Overview of identity, authentication and authorization in Office 2013 - http://technet.microsoft.com/en-us/library/jj683102(v=office.15).aspx
- Configure SP2013 for claims-based authentication - http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
- What's new in auth for SP2013 - http://technet.microsoft.com/en-us/library/jj219758(v=office.15).aspx
Links & References continued
More Links for IT Pros and Developers configuring SharePoint environment on-premises or in the cloud.
- A Guide to Claims-based identity and access control - http://msdn.microsoft.com/en-us/library/ff423674.aspx
- Mobile security and authentication in SharePoint 2013 - http://technet.microsoft.com/en-us/library/fp161350(v=office.15).aspx
- Federated Authentication Overview - http://msdn.microsoft.com/en-us/library/ee517293.aspx
- What's new for mobile devices for SharePoint 2013 - http://technet.microsoft.com/en-us/library/fp161352(v=office.15).aspx
- F5 BIG IP Appliance - https://f5.com/products/big-ip
Developer Resources
Links for devs. Get some help.
SharePoint 2013 / Azure Resources: Articles, Walkthroughs, and Sample Code
- Office Dev Center - http://dev.office.com
- SharePoint for IT Pros - http://technet.microsoft.com/en-us/sharepoint/
- Azure Dev Center - http://azure.microsoft.com/en-us/develop/net/
- Azure Doc Center - http://azure.microsoft.com/en-us/documentation/
Questions
We'll now open it up for questions
Thank You