Calling SharePoint from ASP.Net MVC
We have an ASP.Net MVC application (which uses Angular JS and Web API) to call into a middle .Net tier. This has to call SharePoint for various things like Authentication, Authorization, Content Management, Document Management and so on. I know there are 3 approaches. One is to use Managed CSOM. The other one is SSOM and the 3rd one is using custom Web Services. Now every approach is having some drawback. For example, though CSOM seems to be the best option initially, there are many things which we cannot achieve using CSOM like Event Receivers, Timer Jobs, Elevating Privileges, Generating Token for Authentication and so on. Please keep in mind that the ASP.Net MVC application is just an external application and not a Provider Hosted Add-In. If we decide SSOM, then we are forced to deploy the ASP.Net MVC application either into SharePoint itself or deploy it into the same IIS server and share the app pool. Sharing app pool will be a disaster, since it can bring everything down, if one site goes down. The 3rd approach of using custom web services, will involve a lot of custom development and hence prone to errors and inefficient application. I am totally confused. Can anyone please suggest? Please read my requirement carefully and try to understand it properly before suggesting some solutions. If you need more clarity, please le
September 3rd, 2015 1:57am

Hi,

In that scenario (ASP.NET.MVC) as external application (and also I am assume its hosted outside of the SharePoint Server),You can consume the SharePoint REST API services.

Not to rely on the soap based services(.asmx).

And also you are free by choosing your own app pool for your web application not to align or force to change anything to use the SharePoint Web Services.

Could you please confirm your  ASP.NET MVC application authentication details ? So you will get more precise information on this topics.

Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 3:14am

Thanks for your prompt response. The SharePoint environment is configured for Multi Tenancy and Forms Based Claims Authentication. Every tenant has separate membership DB. Hence the user is authenticated using a custom membership provider. The ASP.Net MVC based site will not do any authentication, rather, it will simply pass the credentials (during first login) to the SharePoint site and will have to get the user authenticated with a token. For every subsequent request, it will have to use this token and we need to explicitly re-validate the token, w/o password (this is another mystery, since SecurityToken class is neither serializable, so that it can be sent to the ASP.Net MVC site nor able to be revalidated, since revalidation requires getting claims back from the token and security token class is not having this property. Anyway, these are different stories and much more confusing. I have created different posts for these questions). Hope it clarifies.

Also, if I use CSOM, how can I publish content types, have event receivers and so on?

September 3rd, 2015 3:25am

Hi,

Token validation / serialization / expire / alive and re validation  will be managed by the SharePoint Client assemblies.

What I suspect, if you choose to work on the MVC application thats not hosted in SharePoint Server, then why you are looking into SharePoint related stuffs like "Event Receiver, Content Type Publishing, TimerJob".

Put it this way,You are creating an application interface (your case) just to consume the SharePoint data and modifying based on the user context.

Nothing to do with use of  or Manage the SharePoint sites using CSOM.

There is "Remote Event Receiver" but it will not fit to your requirement, as its focused on "ASP.NET MVC" hosted in SharePoint and used "Provider Hosted App".

Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 4:29am

The content or data is going to live inside SharePoint and will have to be managed inside SharePoint. Hence these are inevitable. It's a business requirement. Also, as far as I understand, token generation cannot be done in CSOM, especially so in my case, since there is no concept of apps involved.

September 3rd, 2015 4:49am

Hi,

Please not to come conclusion.
In SharePoint perspective, your MVC application is just Client or Remote Web that consumes the data from the SharePoint.

To deal with it, Please have a look at this link and its contents.

https://msdn.microsoft.com/en-us/library/fp179912.aspx

If you need more flexibility in terms of Token Management ,You must convert your ASP.NET MVC application to SharePoint Provider hosted app.

Next, I tried little on my end, I am able to use the Office 365 ( Analogue to remote web or client application) webservice on MVC application.

Try your luck too.

Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 9:08am

Thanks a lot for your response. But, as I said, in my case, the MVC application is not a SharePoint Add-In. Also, we have a native mobile app, which also needs to be able to use SharePoint for pretty much everything like Authentication, Content Management and so on. Also, ours is an On Premise deployment of SharePoint and not cloud based. Moreover, I understand that concepts like OAuth, S2S etc are meant more for App's Authorization and not meant specifically for user authentication.
September 3rd, 2015 10:46am

Ok,

The conclusion  is a client applications including standalone MVC.NET can interact with SharePoint through any of the legacy authentication providers and also compatible with OAuth and S2S authorisation model.

From your notes, You are expectation scope is wider than this stand alone MVC.NET application.

To leverage the full benefits and all the features (excluding administrative tasks) using client application of the SharePoint, you must to convert your MVC application to Provider hosted app.

otherwise, just use your MVC application as client application within its boundaries.

Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 11:17pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics