Jim Wilt Chief Software Architect Metrics Reporting, Inc. ARC402
Objectives Answer the question, “What is an architectural pattern and pattern language?” Define a SharePoint specific pattern language in support of repeatable solutions Demonstrate how a SharePoint pattern language is actionable
Objectives (special) Your feedback on: Q1: Does this special type of pattern language add value to your solution design efforts? Q2: Who do you say the target audience of this material should be? (please write answers to these special objectives in the comments section of your evaluation)
Why Single Out SharePoint? Because it is a premier platform for web applications both in the enterprise and in the cloud!
Why Patterns? “Each pattern describes a problem which occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over and over, without ever doing it the same way twice” -- Christopher Alexander
A Universal Pattern Language You might also like… All good, but all require time to digest
So, why a SharePoint pattern language? ( why not use an existing pattern language? )
Other Universal Languages Music Math Code 1 + 2 = 3
Universal Languages are often Specific Music Math Code 1 + 2 = 3 A SharePoint pattern language does make sense!
Hasn’t P&P already done this? Yes, and it’s great… You might also like… Also all good, but all focus on execution
Gang-of-Four and P&P each effectively addresses specific audiences… Theoretical Applied …but are at opposite ends of the spectrum
A SharePoint pattern language can bridge the gap Best Architecture Best Implementation It pulls from the best standard patterns and pushes to the best implementation patterns Best Solution Design
A SharePoint pattern language can bridge the gap Adding field experience will further enhance the patterns Experience Best Architecture Best Implementation Best Solution Design
Defining a Pattern Language “Each pattern is a three-part rule which expresses a relation between a certain context, a problem, and a solution.” -- Christopher Alexander
Pattern languages are composed of 4 elements: The pattern name is a handle used to describe the problem The problem describes when to apply the pattern The solution describes the elements that make up the design and their relationships The consequences are the results and trade-offs when applying the pattern
SharePoint Additions The Solution Scope dimension The Implementation Approach dimension
Micro feature Very specific component or other feature asset that can be used in a SharePoint solution Examples: Accessible text editing web part Workflow activity that connect to your application’s services Contained application A full featured application that uses SharePoint capabilities to solve a set of needs in a centralized way Examples: HR system Public web presence Organic application The combination of a full feature set that a business can use as foundation for creating additional applications Examples: Project management Collaboration centers Generally, only one solution scope dimension applies
Implementation Approach Dimension Search scopes Site structure BDC configuration List structuring Native web part configurations CSS & chrome Master page layout and customization Workflow composition Meta-data and document types List definitions and form customization Custom web parts Site and list template creation and packaging Feature packaging Custom workflow activities Event receivers No code SharePoint Designer Visual Studio One to many implementation approaches may apply
A note on Solution Complexity & Cost Micro Feature Contained App Organic App FeaturesFeatures Architecture & Development Deployment, Management, Governance, Support SharePoint Designer No Code Visual Studio Hosted/Cloud Friendly Local/ Enterprise Hosted Less Costly $ $ More Costly $$$$$ $$$$$
SharePoint Pattern Language Sections Pattern Name Intent Design Scenario Structure/Concept Consequences & Trade-Offs Scope Considerations Related Patterns & Anti-Patterns Reference Links
Pattern Name “It's not about elitism--it's about efficiency. It's not about impressing others--it's about a shared understanding of specific concepts. It's about being able to talk about ideas or processes or even parts with fewer words and (potentially) greater meaning.“ --Kathy Sierra
Intent What does the design pattern do? What is its rationale and intent? What particular design issue or problem does it address?
Design Scenario A scenario that illustrates a design problem and how the pattern solves the problem The scenario helps clarify the more abstract description of the pattern that follows
Structure/Concept A representation of the components in the pattern Can be anything from logical diagrams to mock- up screens
Consequences & Trade-Offs How does the pattern support its objectives? What are the trade-offs and results of using the pattern?
Scope Considerations Micro-feature Contained Application Organic Application Generally, only one of these applies
Implementation Considerations No Code SharePoint Designer Visual Studio One or more of these may apply and they are then rated as: Less recommended Recommended Best choice
Related Patterns & Anti-Patterns What design patterns are closely related to this one? What are the important differences? Are there anti-patterns which exemplify what to not do?
Reference Links Push to the P&P content to further direct configuration, optimization, and implementation Link to any documentation, online references, webinars, etc. that promote further understanding and direction to implementation
Intent What does the design pattern do? This pattern is for acquiring private information from an anonymous source that remains secure from other public access. What is its rationale and intent? There are times when from a public site you may wish to acquire information (e.g., contact data like address, phone, etc.) from a non-authenticated user where you must assure the data you collect remains private. This is the pattern for getting information from an anonymous source in a secure, private manner. What particular design issue or problem does it address? Securely acquiring information from a pubic facing site's anonymous users.
Design Scenario A scenario that illustrates a design problem and how the pattern solves the problem This pattern is for a public facing site that would like to acquire information from a non-logged in user. It might be contact information, a survey where they can securely issue a complaint, or perhaps, financial or other sensitive information to be gathered. For a membership-site, this pattern would be used by the public facing side to present an application for membership to public users. What anonymous users see: Information may be collected:Access to that information is guarded through obfuscation:
Design Scenario (continued) A scenario that illustrates a design problem and how the pattern solves the problem (continued) Only Administration has access to the collected data through a web part view only they can access. What administrators see:
Structure/Concept A representation of the components in the pattern This feature is implemented using a Custom List: The custom list is created as any normal list with the addition of a calculated field, Thank You, that will contain a message displayed after the private input form is submitted. The field is calculated so that it is not displayed in the input form and so the text displayed can easily be modified by authorized designers only. The list is made private & secure by deleting the All Items view, replacing it with a Thank-You view (w/no toolbar) that displays only one record (filter ID=1) which is seeded in the list. Administrative access to the list contents is made through the creation of a Web-Part document library that uses the list's web-part with full toolbar and filter ID≠1. Further security is obtained by obfuscating the DispForm.aspx for the list (requires SharePoint Designer)
Consequences & Trade-Offs How does the pattern support its objectives? This pattern is easy to implement and requires little SharePoint Designer involvement to result in an effective, pleasant/clean, and highly functional interface to anonymous users that behaves close to most Web 2.0 systems currently in the public domain. Not having to deploy custom DLLs is a real plus, especially when working in a Software Plus Services environment where SharePoint is hosted and adding custom DLLs is generally prohibited. What are the trade-offs and results of using the pattern? Security through obscurity is not as solid as protecting anonymous data through custom code.
Implementation Considerations No Code: Recommended Create a Custom List and set up the input fields for the data to be captured. Create an additional Thank-You field as a calculated field with the desired post-submit message. A calculated field is never displayed on the input form. Because the message is displayed both when the form is submitted and cancelled, it must be generic enough to represent both actions.
Implementation Considerations (continued) No Code (continued): Recommended Modify the default List View a Thank You view which only presents the calculated Thank-You field, has no toolbar, and only displays the first (seeded) list item. A document library (e.g., PrivateContent) is created to host Web-Part Pages with permission set to only allow access to administrators. A Web-Part Page is created in the document library with a web-part to the custom list content. The web-part is configured to display the content as desired (Edit the current view) and a Full Toolbar is used to allow modifications to the custom list settings. An SSL link to the SharePoint site is highly recommended when collecting sensitive information.
Implementation Considerations (continued) SharePoint Designer: Best choice Do the following in addition to the No Code option: Obfuscate the DispForm.aspx to mitigate SharePoint-aware hacking. Check-Out the associated Thank-You List View (e.g., ThankYou.aspx) and add custom style sheets to format the list display more prominently. Using a GUID is a good idea.
Implementation Considerations (continued) Visual Studio: Less recommended There currently is no value advantage when using Visual Studio in this approach.
Related Patterns & Anti-Patterns What design patterns are closely related to this one? What are the important differences? Initially, one might think that using a Survey with anonymous access would be easier, but this is a completely different approach. Collecting, manipulating, and formatting information out of a custom list is much easier and more flexible when compared to surveys. Further, there is greater control over the response to submitted information in a custom list. Using a Discussion is similar to a survey, but it renders all input public. Are there anti-patterns which exemplify what to not do? It is less desirable to collect private or secured information from an anonymous user in any form of an open format. Any attempt to control anonymous input information with workflow will fail. Forcing impersonation to allow workflow from anonymous accounts is a serious breach of security in that it compromises the entire server greatly.
Reference Links A complete webinar demonstrating this pattern can be found here: geekSpeak: Security from a Public, Anonymous Windows SharePoint Services 3.0
SharePoint Pattern Delivery Options Word OneNote InfoPath Which do you prefer?
More to come with SharePoint 2010! To be continued…
References Matt Hessinger, Hessinger Consulting: firstname.lastname@example.org@hessingerconsulting.com Jim Wilt, Metrics Reporting, Inc: email@example.com@metricsreporting.com 1007 public websites delivered on SharePoint: http://www.wssdemo.com/Pages/websites.aspx http://www.wssdemo.com/Pages/websites.aspx Alexander, Ishikawa, Silverstein, "A Pattern Language", New York, Oxford University Press, 1977 Gamma, Helm, Johnson, Vlissides, "Design Patterns: Elements of Reusable Object- Oriented Software", Addison-Wesley, 1995 Microsoft Patterns & Practices SharePoint Guidance-August 2009: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=91 f3c22c-8be7-4721-9449-84f699337d55#tm http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=91 f3c22c-8be7-4721-9449-84f699337d55#tm Kathy Sierra, "Why Web 2.0 is more than a buzzword", 2006, http://headrush.typepad.com/creating_passionate_users/2006/11/why_web_20 _is_m.html http://headrush.typepad.com/creating_passionate_users/2006/11/why_web_20 _is_m.html Metrics Reporting SharePoint Learning Center: https://www.mriwm.com/ProjectSites/Learn%20SharePoint/default.aspx https://www.mriwm.com/ProjectSites/Learn%20SharePoint/default.aspx
Objectives (special) Your feedback on: Q1: Does this special level of pattern add valve to your solution design efforts? Q2: Who do you say the target audience of this material should be? (please write answers to these special objectives in the comments section of your evaluation)
www.microsoft.com/teched Sessions On-Demand & Community http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources www.microsoft.com/learning Microsoft Certification & Training Resources Resources
Complete an evaluation on CommNet and enter to win an Xbox 360 Elite!