SharePoint Tools learned at ShareCamp

I had the opportunity to attend to ShareCamp in Microsoft München and hier are some interesting tools that I saw during the lessons:

Name	Description
Search query tool	Really nice tool for generating search queries against SharePoint 2013. You can see the xml and field names that come from SharePoint. Really helpful when creating custom search templates.
dotPeek	A free alternative to .NET Reflector by JetBrains
PowerGUI	A free tool like Powershell ISE but better.
IronSP	Interesting tool for development for SharePoint in Ruby. Currently under development and not simple to use without deep knowledge of the project.
Collaboration Manager	A commercial tool for managing SharePoint templates including upgrades. However it costs lots of money.

Hope you find this list helpful.

Google Id/Windows Authentication in SharePoint 2010 using Windows Azure

In this article I will describe how to enable signing in using Google Id, Windows Open Id, Facebook or Yahoo account to a SharePoint 2010 site collection. As authentication provider I will use Windows Azure Platform.
Here are the steps you have to do:

Configure the Azure platform

1. Create an account on Windows Azure Platform using your Windows Live Id. There is 90 days evaluation period available on Windows Azure that is free, additionaly the Access Control Services I will use as authnetication provider are free at least until December 2012. During the registration process you will be however asked to fill in you credit card number. For more information about pricing see this.
2. After you created your azure account go to the Windows Azure management portal  https://windows.azure.com/.
3. In the portal click “Services Bus, Access Control & Caching ” and then “Access Control”. See following picture
4. 
5. Click new to create a new namespace and select a unique name for the namespace and the region where your server exists and click “Create namespace” button
6. Wait until the namespace is activated. It takes several minutes
7. Click the newly created namespace and then “Access Control Service”
8. Click “Identity providers” and add the providers that should be used in your SharePoint site collection for the authentication. See folllowing image.
9. 
10. Click Relying party application button in the left tab and add a new Relying application and fill the form as marked in the following image. The url should be the url of your sharepoint web application.
11. 
12. Also check the “Create new rule group”
13. Now click the “Rule groups” and click Generate. The form should look like this afterwards:
14. 
15. Click save.
16. Click  “Application Integration” under “Development” tab. Then “Login pages” and then your relying service application.
17. Copy the content of the textbox und option 1. It should look like this https://yournamespace.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http%3a%2f%2fsharepoint2010%2f
18. For now you are done with the azure platform configuration. Now go to your SharePoint server where should be the claims authentication enabled.

Create and export new certificate

1. Run following command “MakeCert.exe -r -pe -n “CN=<yournamespace>.accesscontrol.windows.net” -sky exchange -ss my”. The Makecert.exe can you find in this folder: C:\Program Files\Microsoft Office Servers\14.0\Tools
2. Here http://msdn.microsoft.com/en-us/library/gg185932.aspx  you can find a description how to export the newly created certificate for the communication betwen SharePoint and Azure.
3. Once you have the file go back to Azure platform to your namespace and click “Certificates and keys” and click “Add” button in the “Token signing” section.
4. Upload the exported certificate and leave the other setings to default

Configure SharePoint to use claims
Run following script. Replace following things:

1. Path to the certificate
2. Password of the certificate
3. $realm (it is the Url you gave in the Relying Application Settings as Realm). Mind the slashes.
4. $signinurl It is the url from step 17
5. The names of the providers.

Add-PSSnapin "Microsoft.SharePoint.PowerShell"

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("yourcertificatename.pfx","yourpassword")

$map1 = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "Email" -SameAsIncoming

$realm = "http://sharepoint2010/"

$signinurl = "https://yournamespace.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http%3a%2f%2fsharepoint2010%2f"

New-SPTrustedIdentityTokenIssuer -Name "Azure ACS" -Description "Windows Azure ACS v2" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map1 -SignInUrl $signinurl -IdentifierClaim $map1.InputClaimType

New-SPTrustedRootAuthority -Name "Azure Test Token Signing" -Certificate $cert

$issuer = Get-SPTrustedIdentityTokenIssuer
$authority = Get-SPTrustedRootAuthority
$issuer.ProviderUri = $signinurl
$issuer.Update

Check if the things work:

1. Open central administration and open Web application
2. Click Create new Web application
3. Switch to claims authentication
4. Check the “Azure ACS”
5. Create new web application
6. Create new site collection
7. Set the permissions on the site collection that the users have access to the site collection
8. Log in with your Google Id to the site collection

References:  Travis Nielsen blog

Creating Secure Store Service Application through Powershell

SSSA is a good way how to store credentials for accessing external systems.
Here is a script that will help you to create such a service application through powershell.
Thanks to the codeplex project autospinstaller for the inspiration.

Add-PsSnapin Microsoft.SharePoint.PowerShell
$serviceApplicationPool  = "SecurityTokenServiceApplicationPool" #name of the application pool under which the application should run
$secureStoreDatabaseName  = "SecureStoreServiceDatabase" #the sharepoint database where the service app will store the data
$secureStoreApplicationName  ="Secure Store Service Application" #name of the service application
$secureStoreApplicationProxyName  ="Secure Store Service Application Proxy" #name of the service application proxy
$secureStoreAdministrator = "domain\administrator" #the administrator of the application
$secureStoreUser = "domain\user" #the group or user that will have access to service application. I use the group configuration
$secureStoreAdministratorEmail = "adminemail" #email of the administrator
$serviceContext = "http://localhost" # the url for getting the service application context
$targeApplicationUserName= "administrator" #user name which will be used to access the external application
$targetApplicationUserPassword = "password"
#password which will be used to access the external application
$passPhrase = "PassPhrase" #passphrase for securing the application

If ($secureStoreApplicationName -eq $null) {$secureStoreApplicationName = "State Service Application"}
# Get the service instance
$SecureStoreServiceInstances = Get-SPServiceInstance | ? {$_.GetType().Equals([Microsoft.Office.SecureStoreService.Server.SecureStoreServiceInstance])}
$SecureStoreServiceInstance = $SecureStoreServiceInstances | ? {$_.Server.Address -eq $env:COMPUTERNAME}
If (-not $?) { Throw " - Failed to find Secure Store service instance" }
# Start Service instance
If ($SecureStoreServiceInstance.Status -eq "Disabled")
{
	Write-Host  " - Starting Secure Store Service Instance..."
	$SecureStoreServiceInstance.Provision()
	If (-not $?) { Throw " - Failed to start Secure Store service instance" }
	# Wait
	Write-Host  " - Waiting for Secure Store service..." -NoNewline
	While ($SecureStoreServiceInstance.Status -ne "Online")
	{
	   Write-Host  "." -NoNewline
		Start-Sleep 1
		$SecureStoreServiceInstances = Get-SPServiceInstance | ? {$_.GetType().ToString() -eq "Microsoft.Office.SecureStoreService.Server.SecureStoreServiceInstance"}
		$SecureStoreServiceInstance = $SecureStoreServiceInstances | ? {$_.Server.Address -eq $env:COMPUTERNAME}
	}
	Write-Host  $($SecureStoreServiceInstance.Status)
}
			# Create Service Application
			$GetSPSecureStoreServiceApplication = Get-SPServiceApplication | ? {$_.GetType().Equals([Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplication])}
			If ($GetSPSecureStoreServiceApplication -eq $Null)
			{
				Write-Host  " - Creating Secure Store Service Application..."
				New-SPSecureStoreServiceApplication -Name $secureStoreApplicationName -PartitionMode:$false -Sharing:$false -DatabaseName $secureStoreDatabaseName -ApplicationPool $serviceApplicationPool -AuditingEnabled:$true -AuditLogMaxSize 30 | Out-Null
				Write-Host  " - Creating Secure Store Service Application Proxy..."
				Get-SPServiceApplication | ? {$_.GetType().Equals([Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplication])} | New-SPSecureStoreServiceApplicationProxy -Name $secureStoreApplicationProxyName -DefaultProxyGroup | Out-Null
				Write-Host  " - Done creating Secure Store Service Application."
			}
			Else {Write-Host  " - Secure Store Service Application already provisioned."}

			$secureStore = Get-SPServiceApplicationProxy | Where {$_.GetType().Equals([Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy])}
			Start-Sleep 5
			Write-Host  " - Creating the Master Key..."
			Update-SPSecureStoreMasterKey -ServiceApplicationProxy $secureStore.Id -Passphrase $passPhrase
			Start-Sleep 5
			Write-Host  " - Creating the Application Key..."
			Update-SPSecureStoreApplicationServerKey -ServiceApplicationProxy $secureStore.Id -Passphrase $passPhrase -ErrorAction SilentlyContinue

$usernameField = New-SPSecureStoreApplicationField –Name “UserName” -Type UserName –Masked:$false
$passwordField = New-SPSecureStoreApplicationField –Name “Password” –Type Password –Masked:$true
$fields = $usernameField,$passwordField

$adminClaim = New-SPClaimsPrincipal –Identity $secureStoreAdministrator –IdentityType  WindowsSamAccountName
$userClaim = New-SPClaimsPrincipal –Identity $secureStoreUser –IdentityType  WindowsSamAccountName
$targetApp = new-spsecurestoretargetapplication -name "externalApplication" -friendlyname "externalApplication" -contactemail $secureStoreAdministratorEmail -applicationtype Group -timeoutinminutes 3
$ssApp = New-SPSecureStoreApplication –ServiceContext $serviceContext –TargetApplication $targetApp –Field$fields –Administrator $adminClaim -CredentialsOwnerGroup $userClaim
$firstCredential = ConvertTo-SecureString $targeApplicationUserName –AsPlainText –Force
$secondCredential = ConvertTo-SecureString $targeApplicationUserPassword –AsPlainText –Force
$credentialValues = $firstCredential,$secondCredential
Update-SPSecureStoreGroupCredentialMapping  –Identity $ssApp –Values $credentialValues

Pex and Moles Testing Framework for SharePoint

Here is a quickstart for working with unit testing framework for SharePoint. This Framework is called Moles. You can download it here. It is free academic use and Microsoft partners.

So how this Framework works: It allows you to replace any method with by you defined delegate. So here is a simplistic function:

Simple Intro

public static bool IsInFuture(DateTime date)
{
	return date > DateTime.Now;
}

So this function is not easily unit testable, because the DateTime.Now is not a constant value. What we can do with moles is following:

[TestMethod()]
[HostType("Moles")]
public static void IsInFutureTest()
{
      MDateTime.NowGet = () => new DateTime(2010,09,01);
      bool actual = SuperClass.IsInFuture(new DateTime(2010, 09,03));
      Assert.IsTrue(actual);
}

The interesting thing here is the MDateTime construct, that comes from moles and the function replaces the actual method call with by us defined function that returns a constant date.
So here is what we have to do when we want to use the MDateTime construct:

1. Install Pex and Moles.
2. Add a new item of type “Moles and Stubs for Testing”  into the unit test project.  This file has to be called mscorlib.moles, because  the DateTime class is located in the mscorlib.dll. When you add this file the moles Framework analyses the dll and create the stubs. These stubs are the classes with the “M” prefix.
3. Add following attribute [HostType(“Moles”)] to the test method. This tells moles framework to replace the actual methods with custom delegates.
4. For this type you have to also add following row to the assemblyinfo.cs of the test project [assembly: Microsoft.Moles.Framework.MoledType(typeof(DateTime))]

SharePoint Unit Testing

You can stub in this way all SharePoint objects e.g. SPContext, SPList etc. All you have to do is to add new moles file with the name Microsoft.SharePoint.moles. This has actually one drawback and it is that it is a lot of coding to fullfill all the expectations that you use in the method to be tested. There come behaviors for SharePoint in play. It offers stubs with predefined behaviors against you can unit test your code. In all these cases you  don’t access the physically SharePoint, in extreme there can be no SharePoint installed at all.

So where can you find Behaviors for SharePoint. They are part of the Moles project and you can find it on the machine where moles are installed on the following path \Program Files (x86)\Microsoft Moles\Documentation\behaviors.samples.zip\behaviors\Microsoft.SharePoint.Behaviors. All You have to do is to compile this project and you have an assembly called Microsoft.SharePoint.Behaviors.dll that you can reference in your test projects. Here is a short sample how you can work with SharePoint behaviors:

[TestMethod()]
[HostType("Moles")]
public static void  IsListNameCorrectTest()
{
BSPSite site = new BSPSite();
BSPWeb web = site.SetRootWeb();
BSPList list = web.Lists.SetOne();
list.Title = "TestList";
bool actual = MyClass.IsListNameCorrect(list);
Assert.IsTrue(actual);
}

public static class MyClass
{
public bool IsListNameCorrect(SPList list)
{
return list.Title.Length < 200;
}
}



									

Clean Code: A Handbook of Agile Software Craftsmanship

A really interesting book about doing software right. You can buy it here or you can find it in pdf form here.

Changing column type in a list template – upgrade scenario

In this article I would like to describe the scenarios that you can come across when changing  the structure of a list.

Changing column type

Consider following scenario: We have a list that should hold information about a person. the person has following fields: first name , last name and birth date. The part of schema.xml file, that defines the columns could look like this:

<pre><Field Type="Text" DisplayName="Firstname" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="FirstName" Name="FirstName"Version="1" ColName="nvarchar1"/>
<Field Type="Text" DisplayName="LastName" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="LastName" Name="LastName"Version="1" ColName="nvarchar2"/>
<Field Type="Text" DisplayName="BirthDate" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="BirthDate" Name="BirthDate"Version="1" ColName="nvarchar3"/>

So far so good. Now we released this list template and the users happily created lists based on this template and filled thousands list items into these list. But there is an error in the xml: the birth date should not be of type text but DateTime. So we modify the schema.xml accordingly:

<Field Type="Text" DisplayName="Firstname" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="FirstName" Name="FirstName"Version="1" ColName="nvarchar1"/>
<Field Type="Text" DisplayName="LastName" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="LastName" Name="LastName"Version="1" ColName="nvarchar2"/>
<Field Type="DateTime" DisplayName="BirthDate" Required="FALSE" ID="{168a8095-32a8-4b25-a4b6-046b3dc3d466}" StaticName="BirthDate" Name="BirthDate" Version="1"/>

After the activation of the feature the SharePoint will update all columns in the list instances. However it is very probable that the existing list items will not be editable. In my case I become “Input string not in a correct format”. And if you e.g. convert  a column from DateTime to Text you can receive even a CATASTROPHIC_FAILURE. Cool. So this is not the way how to fix it.

Deleting column

If you want to create a robust scenario for updating columns do not ever change the type of the column, instead mark it as hidden and create a new field e.g. BirthDate2 with the correct data type. Then after the installation and activation of the feature you have to iterate through all the existing list instances of the type and transfer the data programmatically from the old to the new field, wherever possible. If you have a temptation to delete the old column and create a new column with another type and guid, be advised that SharePoint will update the list instances accordingly. This means in our case it would delete all data in the Birthdate column in all these lists. This is really dangerous side effect of updating the lists.

Simple advice

Don’t screw up in the first place, because it could be really time consuming to make it right.

Emulating different browsers

Here http://www.spoon.net/browsers you can find a pretty cool plugin for your browser that can emulate ie6, ie7, ie8, opera, chrome, firefox and safari.

Installing SP2007 solution to SP2010

It went actually pretty smoothly, however I met one error in our solution:

The path to the configuration data of the solution was done in following way:

Environment.GetFolderPath(Environment.SpecialFolder.CommonProgramFiles) + @"\Microsoft Shared\web server extensions\12\Config\oursuperconfig.xml");

The “12” folder is hard coded into the string so it cannot work for sp2010 because it stores data in the “14” folder.

I found a SharePoint function SPUtility.GetGenericSetupPath that can handle this problem. This function returns the correct folder for both SP versions:

SPUtility.GetGenericSetupPath("config")+"oursuperconfig.xml"

SharePoint Solution Installer support for SP2010

I modified the SharePoint Solution Installer and now it supports SharePoint 2010.

I added following config entry into the setup.exe.config

<add key=”SupportedSharePointVersion” value=”2007″/>
If it contains value “2007”  then the solution can be installed only to MOSS 2007 and WSS 3.0

If it contains “2010” the the solution can be installed only to SharePoint 2010 and SharePoint Foundation.

If you leave it empty then no check for specific version of SP is done and you can install it to all above versions.

You can download the modified SSI binaries and source code from here. (It is actually a zip file renamed to jpeg because of WordPress policy.)