HOW TO: Publish a LightSwitch App (high-trust) to SharePoint On-Premises environment
This post is a contribution from Raghavendra B Nanjaiah, an engineer with the SharePoint Developer Support team.
Just wanted to publish this post provided the steps to publish a LightSwitch App to SharePoint On-Premises environment. Hope you will find this useful.
Section 1: Create issuer ID (same as high-trust app)
1. Check if any previously registered SPTrustedSecurityTokenIssue exists. If there’s a malfunctioning one and if –IsTrustBroker switch was used, it means the bad token issuer might be getting called. If this is the first time you are configuring high-trust apps then you can skip steps a & b below.
a. Run Get-SPTrustedSecurityTokenIssuer. If no Azure workflow is configured this command should return empty. If you get any issuer apart from workflow, run below script to delete it.
b. Remove-SPTrustedSecurityTokenIssuer (pass Id value from output of the above command).
2. Create a new SPTruestedSecurityTokenIssuer by running below script, passing your SharePoint Developer site URL and Cert path (.cer) that you will use to sign the token (you need to create a self-signed cert). For more information see: https://msdn.microsoft.com/en-us/library/fp179901.aspx.
Take a note of the $issuerId = “447f40c6-99df-4d37-9739-5370102489f7” from the below script. We’ll be using it later.
param( [Parameter(Mandatory=$true)][string] $TargetSiteUrl, [Parameter(Mandatory=$true)][string] $CertPath = $(throw "Usage: ConfigureS2SApp.ps1 <TargetSiteUrl> <Certificate>") ) # On error, stop $ErrorActionPreference = "Stop" # Add sharepoint snapin # add-pssnapin microsoft.sharepoint.powershell function ConfigureS2SApp([string]$TargetSiteUrl, [string]$CertPath) { #write-host "Configuring with parameters $appTitle , $TargetSiteUrl , $CertPath" write-host "you passed" $TargetSiteUrl $CertPath -foregroundcolor Green $issuerId = "447f40c6-99df-4d37-9739-5370102489f7" $spweb = Get-SPWeb $TargetSiteUrl $realm = Get-SPAuthenticationRealm -ServiceContext $spweb.Site $fullAppIdentifier = $issuerId + '@' + $realm $certificate = Get-PfxCertificate $CertPath New-SPTrustedSecurityTokenIssuer -Name $issuerId -Certificate $certificate -RegisteredIssuerName $fullAppIdentifier –IsTrustBroker #turning off https <optional> this will make our sharepoint site run on http and still work with high trust app. $serviceConfig = Get-SPSecurityTokenServiceConfig $serviceConfig.AllowOAuthOverHttp = $true $serviceConfig.Update() } ConfigureS2SApp $TargetSiteUrl $CertPath # done write-host "S2S is now configured" -foregroundcolor Green
Section 2: Enable SharePoint on LightSwitch app and publish
1. Right-click the LightSwitch project and go to properties and choose SharePoint tab.
2. Enable SharePoint on the project (this basically adds SharePoint related files to LightSwitch project e.g., SharePointLaunch.aspx etc.,).
3. Right-click on the project and click Publish.
4. Select Provider-hosted in SharePoint options.
5. Select IIS server since we will not be using Azure to host LightSwitch app.
6. Select Create Package on disk from the next screen.
7. Select users must connect using Https option.
8. Choose the appropriate data settings for your LightSwitch app.
9. Select use a certificate for a high-trust configuration and provide the certificate details and issuer ID we generated in Section 1 of this post.
10. Choose the web app where LightSwitch will be hosted and provide Client ID (you can generate your own GUID using Visual Studio or PS).
11. Create app principal by following the below steps in PS.
$clientId = "<Your Client ID>"
$spweb = Get-SPWeb "https://mspx2013"
$realm = Get-SPAuthenticationRealm -ServiceContext $spweb.Site
$fullAppIdentifier = $clientId + '@' + $realm
$appPrincipal = Register-SPAppPrincipal -NameIdentifier $fullAppIdentifier -Site $spweb -DisplayName "SimpleHTApp"
Set-SPAppPrincipalPermission -Site $spweb -AppPrincipal $appPrincipal -Scope Site -Right FullControl
12. The summary screen should look like below.
13. From the published folder, upload the .app file to SharePoint Developer Site.
14. Host the LightSwitch app in different IIS web (e.g., https://localhost:9090).
15. When you click on the SampleLightSwitch app you will be redirected to the actual LightSwitch app that’s hosted in your IIS server.
Comments
- Anonymous
January 01, 2003
The comment has been removed - Anonymous
December 31, 2014
ASd - Anonymous
December 31, 2014
Test - Anonymous
June 26, 2015
No updates on the sharePointHostData error? - Anonymous
November 10, 2015
Since this is somewhat new to me I have to ask a couple of naïve questions: 1) what is the client id? Where do I looks this up? I want to use on premises; 2) What kind of Certificate is this? Do I have to create it or is this from a Certificate Authority (enterprise wide or public)?