Introduction to Provider Hosted Apps:
A Provider Hosted App is one where the app is hosted outside of SharePoint. For example, a server running IIS can host the app contents in a site. This is referred to as a remote web. It is more of a hybrid in that it can run a mix of both client-side and server-side code. This high-trust app model should be used when the situation either demands custom managed code or when a low-trust solution does not suffice.
A Provider Hosted App is very useful for reusing an existing .NET application, and its hosting environment, with very minor changes.
Comparison between SharePoint Hosted app and Provider Hosted Apps:
- Provider hosted apps can run server-side code, which is not possible with a SharePoint hosted app.
- If a SAML claims authentication provider is set up with ADFS 2.0, it isn’t compatible with SharePoint hosted apps, so we must use Provider Hosted Apps.
When to create a provider-hosted app:
A provider-hosted app brings two very powerful tools: managed code and high trust. With managed code, the developer is free to use any programming language they deem fit for the task. However, the app model does not allow managed code to be installed directly on SharePoint. This seems like a deficit at first, but it is easily resolved by introducing an “app server” and hosting the code there.
If we require server-side managed code or some sort of context elevation, a provider-hosted app could be the correct choice.
Working Principle:
A provider-hosted app consists of two parts: the app for SharePoint and a website that contains the actual code, called the AppWeb. Since the AppWeb is not actually part of SharePoint but runs on a separate site or server, the high-trust on-premises scenario requires that we are able to create a trusted connection between SharePoint and the AppWeb. In SharePoint 2013, authentication and trust are managed by passing tokens to one another, thereby confirming identity. The tokens can open the door to permissions, so sending these tokens over an unencrypted connection introduces a security risk.
Since the “regular” tokens SharePoint uses only work with a user context, we need something to create high-trust tokens. This is where a trusted security token is introduced. This token uses the matched public and private halves of a server certificate to establish a secure connection between the app and the AppWeb.
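On the SharePoint side, this trust is registered using only the public half of the certificate. The following PowerShell is an added example, not part of the original post; the certificate path, display names and issuer GUID are placeholders, and it assumes the SharePoint 2013 Management Shell on a farm server.

```powershell
# Added example: register the AppWeb's certificate as a trusted token issuer
# and confirm that OAuth tokens are not allowed over plain HTTP.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholders (assumptions, not values from the article)
$publicCertPath = 'C:\Certs\HighTrustApp.cer'            # exported public certificate
$issuerId       = '11111111-1111-1111-1111-111111111111' # constructed GUID, lowercase

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($publicCertPath)

# SharePoint only needs the public key to verify tokens. The private key
# signs tokens and should exist only on the server hosting the AppWeb.
if ($cert.HasPrivateKey) {
    throw "Certificate file contains a private key; export the public .cer instead."
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate expired on $($cert.NotAfter)."
}

# Trust the certificate as a root authority in the farm.
New-SPTrustedRootAuthority -Name 'HighTrustApp Root' -Certificate $cert | Out-Null

# Register the issuer as <issuer GUID>@<farm authentication realm>.
# -IsTrustBroker lets more than one app share this certificate.
$realm      = Get-SPAuthenticationRealm
$issuerName = '{0}@{1}' -f $issuerId, $realm
New-SPTrustedSecurityTokenIssuer -Name 'HighTrustApp Issuer' `
    -Certificate $cert `
    -RegisteredIssuerName $issuerName `
    -IsTrustBroker | Out-Null

# Tokens grant permissions, so they must only travel over HTTPS.
$sts = Get-SPSecurityTokenServiceConfig
if ($sts.AllowOAuthOverHttp) {
    Write-Warning 'AllowOAuthOverHttp is enabled: tokens can be sent unencrypted.'
} else {
    Write-Output 'AllowOAuthOverHttp is disabled: tokens require HTTPS.'
}
```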
More details are coming up in our next blog post, which is also related to Provider Hosted Apps in SharePoint.