Categories

mcts 70-541 notes

Chapter 1 – Getting Started

  • WSS: Part of Windows 2003 Server OS, depends on its licensing model.
  • MOSS: Stand-alone server product, own licensing, standard and enterprise edition, main features: Extended search, business data catalog, Infopath support, Excel Services.
  • IIS web site is entry point for WSS.
  • Web application was called Virtual Server in WSS 2.0.
  • WSS uses IIS/ASP.NET authentication.
  • WSS uses its own authorization.
  • A site contains lists, document libraries and child sites.
  • A site collection is a container for sites.
  • Site collection architecture:
    • Site collection administrators.
    • Scope of membership/security/authorization.
    • Backup/restore scope.
    • Scope for site elements/queries.
    • Performance.
  • Site actions: Create page/list/library, site settings.
  • Customization: Shared storage – all users.
  • Personalization: Personal storage – per user.
  • Site columns: reusable definition, field type, default value, validation.
  • Content types: reusable definition, columns and behaviour.
  • Create and manipulate Office Open XML documents in code.
  • Workflows.
  • Feature
    • Feature.xml.
    • Farm wide installation.
    • Activation scope: Web, Site, WebApplication, Farm.
    • Hidden: Can only be activated by feature dependency or STSADM.
  • WSS object model and dispose pattern.
  • TIP: Copy wss.xsd to c:\program files\Microsoft Visual Studio 8\XML\Schemas.

 

Chapter 2 – SharePoint Architecture

  • IIS web site, virtual directory.
  • ISAPI to execute custom code on a request.
  • Application pool can contain single web site/virtual directory or any number of those. Pay attention to set the pool identity correctly. It is the identity that code will run as. One w3wp.exe per application pool.
  • ASP.NET is an ISAPI extension: aspnet_isapi.dll.
  • Each ASP.NET application runs in its own Application Domain.
  • WSS has a set of standard master pages. Make sure to use the required content place holders.
  • ASP.NET request pipeline: HTTP.SYS -> aspnet_isapi.dll -> aspnet_wp.exe <-> HttpApplication (HttpModule(s)), <-> HttpHandler.
  • HttpModule and HttpHandler are registered in web.config. HttpApplication events can be accessed in global.asax.
  • Sites and site collections are provisioned by adding entries to the configuration and content database.
  • WSS web application:
    • All requests (*.*) are routed to aspnet_isapi.dll.
    • ISAPI calls w3wp.exe.
    • SPHttpApplication implemented by custom global.asax.
    • SPRequestModule and SPHttpHandler are defined in web.config.
    • SharePoint section added to web.config.
  • SPVirtualPathProvider gets files(eg. *.aspx) from content database (unghosted, customized) or file system (ghosted, not customized).
  • WSS virtual directories: _controltemplates, _layouts, _vti_bin, _wpresources.
  • Site pages: Support customization, no in-line code, default security policy.
  • Application pages: No customization, farm-wide, in-line code allowed.
  • Debug configuration:
    <configuration>
      <SharePoint>
        <SafeMode CallStack="true" />
      </SharePoint>
      <system.web>
        <customErrors mode="OFF" />
        <compilation debug="true" />
      </system.web>
    </configuration>
  • Folder short-cuts: ~, ~site, ~sitecollection.
  • Securing application pages: Add RequireSiteAdministrator to custom action and override property with same name in application page.
  • ECB: Edit Control Block.

 

Chapter 3 – Pages and Design

  • No-compile pages scale better wrt. access time and memory consumption/behaviour.
  • Using SPFileSaveBinary unghosts a page.
  • Coping an unghosted page creates an unghosted page.
  • SPFile.CustomizePageStatus and RevertContentStream to manage customization.
  • SPFolder class: SubFolders, Files properties.
  • Page template is normal ASPX page.
    • Use meta:project to support SharePoint Designer.
    • Use ContentPlaceHolderMain.
    • Installed by feature or site definition.
    • Ghostable/GhostableInLibrary. The latter referes to document libraries.
  • Customized site pages are processed in safe mode. Ghosted are not!
    • Do not use in-line script in page templates!
    • If you do use the PageParsePath in web.config to circumvent errors in unghosted pages.
  • Customized pages can only contain safe controls.
  • Use * to register all controls/Web Parts in namespace as safe.
  • User controls are deployed to templates\controltemplates and can contain in-line code. Need to be registered as safe control also.
  • Adding, customizing and personalizing pages with Web Parts does not unghost those.
  • WSS uses the SPWebPartManager. Included in default.master.
  • Create Web Part page: Derive from WebPartPage and add Web Part zones. Use default.master.
  • Adding Web Parts to pages:
    • UI.
    • Declaritive for page templates in Elements.xml.
    • WSS object model: SPFile.GetLimitedWebPartManager.
  • Master pages:
    • application.master for application pages.
    • default.master for site pages.
  • WSS navigation elements: SPNavigationProvider, SPSiteMapProvider, SPContentMapProvider, SPXmlContentMapProvider.
  • Delegate controls are included in the master page and can be overriden by feature activation.
  • Custom master page template to modify default.master for all site pages.
    • Master page template.
    • Install with feature.
    • Redirect site pages (~masterurl, SPWeb.MasterUrl).
  • Each site has its own master page gallery.
  • Standard WSS site pages use also the ~masterurl.
  • custom.master links to SPWeb.CustomMasterUrl.
  • Alternatively use ~site/~sitecollection to hard-code a different master page.
  • Core.css is farm-wide and must not be changed.
  • Use themes or AlternateCSS for custom branding (SPWeb.AlternateCssUrl).

 

Chapter 4 – Web Parts

  • Standard Web Parts: Content Editor, Data View, List View, Image, Members, Page Viewer.
  • Chrome is rendered by default for Web Parts in a Web Part zone: Title bar, borders, dropdown menu.
  • Web Part events:
    • OnLoad: Intialize the control.
    • OnPreRender: Long running tasks.
    • CreateChildControls: UI components.
    • RenderContents: Render own controls/XSLT output, is rendered within chrome.
  • To receive post-back data from included control create private reference, create in CreateChildControls and call EnsureChildControls before accessing.
  • Web Part applications should contain all required resources.
  • Strong naming requires AssemblyInfo attribute AllowPartiallyTrustedCallers.
  • Web Part gallery, save to .webpart file for use in feature.
  • .dwp is for backward compatibility with WSS 2.0 Web Parts.
  • One Web Part gallery per site collection.
  • Place .webpart files in \dwp sub folder. Microsoft convention.
  • web.config changes: FeatureReceiver and SPWebConfigModification class.
  • [Personalizable] to mark properties.
    • Shared: Site wiede set by administrator.
    • User: Per user.
  • Assign custom Editor Part for a property by overriding CreateEditorParts method and remove [WebBrowsable] from property.
  • Use Page.RegisterAsyncTask to execute long running tasks asynchronously.
  • Web Part verb is an entry in the chromes edit menu. Override WebPartVerbCollection to add an entry.
  • Web Part connections.
    • [ConnectionProvider]
    • [ConnectionConsumer]
    • Implement class for ConnectionProvide/-Consumer or use an IWebPartField.
  • Embedded resources.
    • Images/JS: Web resource handler, assembly attribute, WebResource(FQRN).
    • Normal embedded with custom handler.

 

Chapter 6 – List and Content Types

  • Provisioning components: Site columns, content types, list templates defined in CAML.
  • Customized content: The above defined via UI.
  • Standard WSS types: Document library, form library, wiki page library, picture library, …
  • List based types: 0 – standard list, 1 – document library, 3 – discussion forums, 4 – survey, 5 – issue list.
  • SPWeb.GetList is the only method that throws FileNotFoundException. Only way to check for existence is to loop through all lists.
  • SPQuery and SPSiteDataQuery.
  • CAML syntax.
  • CAML debugging: Enable diagnostics logging via CA/Operations/Logging and Reporting/Diagnostic Logging.
  • WSS standard fields (site columns): See WSS fields feature.
  • Site column definitions:
    • Site column gallery is on site collection level.
    • Define field type, default values, …
    • Using AppendOnly requires a versioned list.
  • Field type -> Site column (field) -> Content type.
  • Custom field type: Use when validation in code or data access is required. Code placed in GAC and ASP.NET controls for rendering.
  • Derive from existing field, override FieldRenderingControl, GetValidatedString methods.
  • Field control using ASCX with RenderingTemplate.
  • Field types must be deployed to \tempate\XML.
  • Content type defines the schema for an item in a list or document library.
  • A list can use more than one content type.
  • A content type can be used either in a list or document library: item based or document based.
  • Content types bind event receivers and workflows.
  • WSS standard content types are in ctypes feature.
  • The title site column renders the ECB in lists.
  • Content type ID:
    • 0x – hex.
    • Base list/document library: 01 – list, 0101 – document library, …
    • 00
    • GUID
  • Content type id must be unique within a site collection.
  • Each site has a content type gallery.
  • SPWeb.AvailableContentTypes.
  • CAML content type definition can also contain view/edit pages and event handlers to be activated.
  • List types are provisioned with a list schema.
  • Use>10000 as list type identifier for custom lists.
  • List schema defines content types, fields, views and forms.
  • Fields must be redefined in list schema. There is no way to simply refer to an existing content type.
  • List fields can be indexed.
  • To define views modify an existing view and change the ViewFields element.
  • Lists can be instantiated in feature also containing data.
  • Lists support RSS. Use SPList.WriteRssFeed to generate RSS XML.
  • Event receiver is a class that contains one ore more event handlers.
  • Before (-ing) event executes on the same thread that handels the request: Use for cancelation and validation.
  • After (-ed) event executes asynchronously: Use for processing.
  • Event receiver inherits from SPListEventReceiver and must be deployed to GAC.
  • Feature definitioncan bind event receiver to list (site-level).
  • Event receivers can be bound in WSS object model. Is more flexibel than feature approach.
  • Before properties in before event: Value before changed by user.
  • After properties in before event: New value provided by user.
  • DisableEventFiring and EnableEventFiring in event handler to update the item.

 

Chapter 7 – Document Libraries

  • Document library is a specialized type of list but is intended to store documents. Uses the SPDocumentLibrary type.
  • Document is stored in the ListItem.File property.
  • ListItem.FileSystemObjectTypes tells whether it is a file or folder.
  • SPSite.MakeFullUrl to get absolute URL for a relative path.
  • Create a document in document library with .Add, path, memory stream and properties hash table.
  • Document library instances can be instantiated in feature and pre-loaded with documents and document templates. Document templates need to be activated via site definition or WSS object model.
  • Custom actions bound to a content type are valid for the type and it’s children.
  • Forms libary is a specialized document library for InfoPath forms.
  • Office Forms Services is part of MOSS. If not using MOSS all clients need InfoPath installed locally.
  • 2007 Microsoft Office System can generate Word 2007 and Excel 2007 documents on server.
    • Office Open XML specification.
    • Packaged in zip file.
    • Top-level file is called package.
    • Parts: XML content defined by content types.
    • Items: Metadata describing the parts.
    • Relationships: Name, type, target path.
    • Everything in the package must have a relationship.
  • Use WindowsBase.dll packaging API (C# 3.0) to read/write packages. System.IO.Packaging.
  • Classes: Package, PackagePart.
  • See http://openxmldeveloper.com for more information.
  • Return generate file directly with HttpResponse object.
  • See PackageViewer tool on companion web site.
  • WordProcessingML.
  • SpreadsheetML.
  • Word documents can store user defined XML (XML Data Store) and use content controls for display. See Developer tab in Word 2007. Content controls can be bound to the XML Data Store.

 

Chapter 8 – SharePoint Workflows

  • Reactive programs run to a point where they require user or external interaction. Also called episodic. Workflow programs.
  • Create a workflow instance to run a workflow program.
  • Activity: Atomic opertion. Standard activities are in Base Activity Library (BAL) and WSS Activity Library. Inherit Activity.
  • Composite activity: Activity with child activities. Inherits CompositeActivity. Eg. While, IfThen or Replicator.
  • Name property is design-time only!
  • Workflow types: Sequential, StateMachine.
  • Key classes: WorkflowRuntime, WorkflowInstance, WorkflowPersistenceService.
  • Books: Windows Workflow Foundation Step by Step, Windows Workflow Foundation.
  • WSS extends workflow by workflow template.
    • Integrates workflow programs into WSS (GAC).
    • Refers to workflow input forms (either application page or InfoPath): Assocation, initiation, modification and task edit.
    • Feature based installation.
  • Workflow association binds workflow to a list or document library or content type. Is created from workflow settings in site settings menu.
    • Task list: Task that can be assigned to users.
    • History list: Tracking.
  • Tools:
    • WSS: Workflow Developer Starter Kit (WSS SDK).
    • MOSS: Enterprise Content Management Starter Kit (MOSS SDK).
  • Ad-hoc workflow associations can be created via UI.
  • Custom workflow:
    • Must start with WorkflowActivated activity.
    • WorkflowProperties can be used in activity event handlers.
    • Generate handlers for activity with code.
  • Workflow programs run as the Sharepoint\system account.
  • Workflow templates can only be site collection features.
  • Workflow elements:
    • Method activities: CreateTask, …
    • Event activities: OnTaskCreated, pauses workflow and resumes when executed.
    • CreateTask, UpdateTask, CompleteTask, DeleteTask.
  • Method and event activity are connected with a correlator:
    • GUID.
    • Correlation token.
    • Requires coding.
  • Using InfoPath forms as custom workflow input forms simplifies coding and reduces it to create code for passing the data.

 

Chapter 9 – Solutions and Deployment

  • Site definition contains page templates and feature references.
  • Sites are dependent on the site definition for life-time.
  • Site definitions are located at 12\TEMPLATE\SiteTemplates.
  • Site definitions consist of configurations that user sees as site templates.
  • ONET.XML is the high-level manifest.
  • A Module is a defined file set with nested File elements.
  • Site definition items: NavBars, DocumentTemplates, Configurations and Modules.
  • Configuration items: Lists, Modules, SiteFeatures, WebFeatures.
  • Each configuration has a WEBTEMP file – WEBTEMP.solution.xml.
  • Define Title, Description, Hidden, DisplayCategory (tab in UI), RootWebOnly and SubWebOnly in WEBTEMP file.
  • SiteProvisioningProvider to execute custom code on site creation. Inherits SPWebProvisioningProvider, GAC. Use the ApplyWebTemplate method to process CAML instructions from site definition. Never call it on the same configuration -> create two configurations (one hidden).
  • A feature dependency ‘ActivationDependency’ forces activation of feature.
  • Feature stapling adds your custom features to existing site definitions via FeatureSiteTemplateAssociation. Powerful in connection with the global site definition.
  • Localization: Language packs are deployed as solution packages to add specific cultures for the core solution package.
  • File naming: Name.culture.resx -> UserMessages.en-US.resx.
  • Site definitions and features access resources through the resx file directly (instead of satellite assemblies).
  • Resource WSS location: 12\RESOURCES.
  • CAML resource format: $Resources:ResourceFile,ResourceName; E.g. $Resources:UserMessages,Warning;
  • Solutions package is a compressed .cab file (.wsp).
    • .wsp is copied to configuration database (addsolution).
    • Timer job processes it on each front-end server (deploysolution).
  • Manual build of .wsp:
    • .ddf with file mapping.
    • manifest.xml with solution ID, features, template files, CAS, site definitions, application pages and assemblies.
    • makecab tool to build .wsp file.
  • WSS uses IISRESET after a deployment command.
  • WSS installs the feature during deployment.
  • Deployment process:
    • allContentUrls: All non-administrative web applications.
    • allowGacDeployment: Contains assembly deployed to GAC.
    • allowCasPolicies: Contains CAS policies.
  • SPSite.WebApplication represents the IIS load-balanced web application.
  • Microsoft.SharePoint.Administration has SPWebApplication. Use WebConfigModifications property to change web.config in entire farm.
  • Language packs have same name and solution ID as core package. Use -lcid when adding and deploying the solution.
  • To localize a site definition create localized WEBTEMP file and deploy to the locale XML folder.

 

Chapter 10 – Application Security

  • CAS defines execution permissions for code running in partial trust.
  • Trust levels are defined in 12\CONFIG.
  • Minimal trust level:
    • no SQL.
    • no Web requests.
    • no WSS object model.
  • Recommandation: Run with minimal trust and set appropriate permissions.
  • Define CAS in assemblyinfo.cs. This does not grant any permissions.
  • Grant permissions in manifest.xml.
  • Important permissions:
    • SharePointPermission
    • EnvironmentPermission
    • SecurityPermission
    • AspNetHostingPermission
    • WebPermission
  • Check-out VS 2005 code analysis tool to help with CAS.
  • WSS uses ASP.NET authentication.
  • WSS has own authorization using a user security token.
  • SPPrincipal: User or group.
  • SPRoleCollection, SPUser, SPGroup, SPUserToken.
  • Authorization is on site collection level.
  • Select Welcome/My Settings to view your user information profile.
  • WSS vs. Windows security context: Access to WSS resources vs. access to external resources.
  • Groups are created in the context of a site collection (!) and than assigned to a site.
  • SPRoleAssignment, SPRoleDefinition (permission set).
  • SPWeb properties:
    • AllUsers: all explicit users and users from assigned groups.
    • SiteUsers: site collection users.
    • Users: explicit users only.
  • Application pool account:
    • accesses the content and configuration database.
    • runs with elevated privileges.
    • must be added to the local IIS_WPG and WSS_WPG group.
  • SHAREPOINT/system account is only WSS internal to provide a static name for the pool account. Is mapped to the windows pool account when accessing external resources.
  • Credential delegation is only required when accessing resources on a different server (double-hop).
  • Web request:
    • CredentialCache.DefaultCredentials.
    • Run with elevated privileges to use pool account.
  • Impersonate another user:
    • Get SPUser object from SPWeb.AllUsers by UserLoginName.
    • Create SPSite object with users SPUserToken.
  • Securing objects with ISecurableObject. Is implemented by SPWeb, SPList, SPListItem:
    • BreakRoleInheritance.
    • CheckPermissions – throws exception.
    • DoesUserHavePermissions.
    • ResetRoleInheritance.
  • Standard permission sets (Full trust, …) and BasePermissions.
  • Handling authorization failures with SPUtility:
    • RedirectToAccessDeniedPage.
    • HandleAccessDenied – takes exception.
    • EnsureSiteAdminAccess.
    • SendAccessDeniedHeader – takes exception.

 

Other topics

Configure target computer for WSS

  • Central Administration pool account: Create rights with Psconfig. Needs Database Creator and Security Administrator roles on configuration database. Must also be member of the Power users group and a domain account.
  • Application pool process account: db_owner, read and write on content and configuration database. Must be member of IIS_WPG, SPS_WPG and STS_WPG and a domain account in a farm setup.
  • IIS_WPG: Minimum permission to start worker process. New in IIS 6.0.
  • SPS_WPG: Minimum permission to start SharePoint Portal Server worker process.
  • STS_WPG: Minimum permission to start Windows SharePoint Services worker process.
  • References:
    http://blogs.msdn.com/modonovan/archive/2005/06/14/428862.aspx
    http://technet.microsoft.com/en-us/library/cc303306.aspx

Web Part security policies

  • Configure Web Part permissions: Can be done in manifest.xml. You can specifiy permissions or refer to a policy file for the Web Part assembly.
  • Custom security policy: Deploy to 12\CONFIG folder. Add the entries for a security policy file that apply to that component are required.
  • References:
    http://msdn.microsoft.com/en-us/library/bb862636.aspx

Deploy Web services

Schedule task by using WSS Timer service

  • Create a job by using SPJobDefinition: Inherit SPJobDefinition, deploy to GAC and install timer job. Submit to timer service: The timer job is installed by instantiating it with the SPWebApplication object. Can be done in a feature receiver for instance.
  • References:
    http://msdn.microsoft.com/en-us/library/cc406686.aspx

Manage records by using the records repository

Dynamically handle events

Manage site hierachy

  • List virtual servers on farm: SPWebService.WebApplications.
  • List sites for current user: SPWeb.GetSubwebsForCurrentUser.
  • Create a site: SPWeb.Webs.Add.

Customize navigation

  • Add item to Quick Launch: Site Settings/Navigation/New Heading or New Link (Publishing activated).
  • Modify top navigation menu item: Site Settings/Top link bar/… (No publishing activated).

Manage groups

  • Create a custom site group: Site Action/People and Groups/New Group (from list menu).
  • Add a cross-site group: Do not exist in WSS 3.0.