选择用于开发和托管 SharePoint 加载项的模式Choose patterns for developing and hosting your SharePoint Add-in

SharePoint 加载项模型引入了许多托管和开发模式。部分模式可以相互结合使用。例如,加载项可以将 SharePoint 托管的组件和远程托管的组件混合使用。要确定需要使用的模式,最有用的方法就是从自己的需求、技术和目标出发,将它们与 SharePoint 加载项支持的选项和可能性匹配。The SharePoint Add-in model introduces a wide range of hosting and development patterns. Some of these patterns can be used in combination with each other. For example, your add-ins can mix SharePoint-hosted and remotely hosted components. The most useful way to determine which patterns you'll want to use is to start with your own requirements, technologies, and goals and match them with the options and possibilities that are enabled by SharePoint Add-ins.

选择开发模式时要注意的事项What to think about when choosing your development pattern

SharePoint 外接程序扩大了使用 SharePoint 资源和服务时可以使用的可能的编程语言和技术堆栈的范围。选项的准确范围取决于加载项的类型和选择的承载模式。还可以将模式混合使用。SharePoint Add-ins widen the range of possible programming languages and technology stacks that you can use when you work with SharePoint resources and services. The precise range of options depends on both the type of add-in and the hosting pattern that you choose. It's also possible to mix patterns.

SharePoint 托管加载项SharePoint-hosted add-ins

从最简单的选择入手:SharePoint 托管加载项,或其中所有组件都托管在本地或 Office 365 SharePoint 场上的加载项。Start with the simplest option: SharePoint-hosted add-ins, or add-ins where all components are hosted on either an on-premises or Office 365 SharePoint farm. SharePoint 托管加载项安装在 SharePoint 网站(称为“主机 Web”)上。SharePoint-hosted add-ins are installed on a SharePoint website, called the host web. 它们的资源托管在主机 Web 的独立子网站(称为“加载项 Web”)上。They have their resources hosted on an isolated subsite of a host web, called the add-in web. 请务必了解主机 Web 与加载项 Web 的区别It's important to know the difference between host webs and add-in webs.

图 1 展示了 SharePoint 托管加载项的基本体系结构。Figure 1 illustrates the basic architecture of a SharePoint-hosted add-in.

图 1:SharePoint 托管加载项体系结构Figure 1. SharePoint-hosted add-in architecture

SharePoint 托管的应用程序的组件在 SharePoint 服务器场的 appweb 上进行托管。

可以将 SharePoint 承载的加载项与具有远程承载组件的加载项结合使用,但是任何在加载项 Web 上运行的加载项或加载项的部分在加载项的承载位置、加载项获取授权的方式和加载项可使用的语言这三个关键组件方面都有以下一系列要求。You can combine a SharePoint-hosted add-in with add-ins that have remotely hosted components, but any add-in or portion of an add-in that runs on an add-in web has the following set of requirements for three key components: where the add-in is hosted, how the add-in gets authorization, and what language it can use.

组件Component SharePoint 托管的外接程序要求SharePoint-hosted add-in requirement
外接程序组件的托管位置Where the add-in components are hosted 在 SharePoint 场的隔离加载项域中In the isolated add-in domain of your SharePoint farm
加载项获取授权的方式How the add-in gets authorized 已登录用户的权限The privileges of the signed-in user
加载项可使用的语言What language the add-in can use JavaScript(含 SharePoint JSOM 库)+ HTMLJavaScript (with the SharePoint JSOM library) + HTML
优势如下Get these benefits 应考虑的问题But consider this
重复使用常见的 SharePoint 项,如列表和 Web 部件。Reuse common SharePoint items, like lists and web parts. 您只能在加载项中使用 JavaScript,且无法使用任何服务器端代码。You can use only JavaScript in the add-in—you can't use any server-side code.
创建和部署相对简单,所以适合业务规则复杂性较低的小型团队工作效率加载项和业务流程自动化。Relatively easy to create and deploy, so they are good for small team productivity add-ins and business process automation, with lower complexity business rules. 外接程序仅具有已登录用户的授权特权。Your add-in has only the authorization privileges of the signed-in user.

开始创建 SharePoint 托管 SharePoint 加载项Get started creating SharePoint-hosted SharePoint Add-ins

提供商托管加载项Provider-hosted add-ins

提供商托管 SharePoint 加载项包含在 SharePoint 场外部署和托管的组件。Provider-hosted SharePoint Add-ins include components that are deployed and hosted outside the SharePoint farm. 此类加载项安装到主机 Web 上,但它们的远程组件却托管在另一个服务器上,此服务器不得位于 SharePoint 场中They are installed to the host web, but their remote components are hosted on another server that should not be a server in the SharePoint farm.

图 2 展示了提供商托管加载项的基本体系结构。Figure 2 illustrates the basic architecture of a provider-hosted add-in.

图 2:提供商托管加载项体系结构Figure 2. Provider-hosted add-in architecture

提供程序托管的应用程序的组件在任何 Web 服务器或托管服务上进行托管。

下表显示了在对承载位置、加载项授权和语言的要求方面,提供程序承载的加载项比 SharePoint 承载的加载项更加不固定。The following table shows how the requirements for hosting location, add-in authorization, and languages are much less fixed for provider-hosted add-ins than they are for SharePoint-hosted add-ins.

组件Component 提供程序托管的外接程序要求Provider-hosted add-in requirement
外接程序组件的托管位置Where the add-in components are hosted 任何 Web 服务器或托管服务Any web server or hosting service
加载项获取授权的方式How the add-in gets authorized OAuth 或 JavaScript 跨域库OAuth or the JavaScript cross-domain library
加载项可使用的语言What language the add-in can use Web 服务器或托管服务支持的任何语言Any language supported by your web server or hosting service

提供程序承载的加载项与 SharePoint 网站交互,但也使用位于远程网站上的资源和服务。在决定创建提供程序承载的加载项之前,您需要考虑以下事项。A provider-hosted add-in interacts with a SharePoint site but also uses resources and services that are located on the remote site. You'll want to consider the following before deciding to create a provider-hosted add-in.

获得权益Get these benefits 应考虑的问题But consider this
在 Microsoft Azure 或任何远程 Web 平台(包括非 Microsoft 平台)上托管外接程序。Host the add-in on Microsoft Azure or any remote web platform, including non-Microsoft platforms. 你负责创建远程组件的安装、升级和卸载逻辑。You are responsible for creating the installation, upgrade, and uninstallation logic of the remote components.
使用 SharePoint 客户端对象模型之一,JavaScript 跨域库或基于 SharePoint REST/OData 的 Web 服务与 SharePoint 交互。Use one of the SharePoint client object models, the JavaScript cross-domain library, or the SharePoint REST/OData-based web service to interact with SharePoint. 与 SharePoint 进行交互的每种方式都有进行数据访问的相应选项Each way of interacting with SharePoint has corresponding options for approaches to data access.
使用三个授权系统之一获取 SharePoint 数据的授权。Gain authorization to SharePoint data using one of the three authorization systems. 需要在 OAuth 和跨域库之间做出选择,以便向加载项授予对 SharePoint 的访问权限。You need to decide between OAuth and the cross-domain library to authorize your add-in's access to SharePoint.

将托管模式与开发目标对应起来Match your hosting pattern with your development goals

除了考虑每个选项的技术优势和限制外,在决定承载模式时还需要考虑开发目标。可以使用下表选出最能满足您需要的承载模式。In addition to considering the technical advantages and constraints of each option, you'll also need to think about your development goals when deciding on a hosting pattern. You can use the following table to help sort out which hosting pattern best fits your needs.

要求Your requirements 建议的托管模式Recommended hosting pattern 示例Example
专门处理和设置新 SharePoint 实体Work with and provision new SharePoint entities exclusively SharePoint 托管SharePoint-hosted 包含人员选取器控件并且将有关 SharePoint 用户的信息存储在 SharePoint 列表中的加载项An add-in that includes a people picker control and that stores information about SharePoint users in a SharePoint list
使用现有 SharePoint 实体并与外部(非 SharePoint)Web 服务交互Use existing SharePoint entities and interact with external (non-SharePoint) web services 提供程序托管Provider-hosted 从主机 Web 中的现有 SharePoint 列表中获取客户地址并使用 Web 应用程序中的映射服务显示其位置的加载项An add-in that gets customer addresses from an existing SharePoint list in the host web and uses a mapping service in a web application to display their locations
配置新的 SharePoint 实体并与外部 Web 服务交互Provision new SharePoint entities and interact with external web services 结合 SharePoint 承载和提供程序承载Combined SharePoint-hosted and provider-hosted 在应用程序 Web 上配置 SharePoint 列表,以便能够存储地址(用户提供或从现有 SharePoint 列表中提取)的纬度和经度坐标的映射加载项A mapping add-in that provisions a SharePoint list on the appweb so that it can store latitude and longitude coordinates for addresses that are supplied by the user or pulled from an existing SharePoint list

选择用于提供商托管加载项的托管模式时要注意的事项What to think about when choosing your hosting pattern for provider-hosted add-ins

SharePoint 托管加载项有固定的托管模式,因为它们托管在加载项 Web 上。SharePoint-hosted add-ins have a fixed hosting pattern because they are hosted on the add-in web. 若为提供商托管加载项,可以更灵活地托管加载项的各种组件。因此,如果选择创建此类加载项,需要将目标和要求与相应的托管模式对应起来。Provider-hosted add-ins provide more flexibility for hosting the various components of your add-in, so if you choose to create one, you'll need to match your goals and requirements to the appropriate hosting pattern.

OAuth 或跨域库OAuth or the cross-domain library

考虑提供程序承载的加载项以及如何构建时需要询问的一个最重要的问题是加载项如何获取与 SharePoint 交互的授权。提供程序承载的加载项为您提供了两个选择:JavaScript 跨域库和 OAuth。One of the most important questions you need to ask when considering provider-hosted add-ins and how you'll build them is how the add-in will get authorization to interact with SharePoint. Provider-hosted add-ins give you two choices: the JavaScript cross-domain library and OAuth.

使用**跨域库**,可以通过代理在加载项的远程组件中与多个域进行交互。The cross-domain library lets you interact with more than one domain from the remote components of your add-in through a proxy. 如果客户端代码和登录 SharePoint 的用户的权限足够,不妨考虑使用跨域库。If client-side code and the permissions of a user who is signed in to SharePoint are sufficient, the cross-domain library is a good option. 只要是通过防火墙进行远程调用,跨域库使用起来也很方便。The cross-domain library is also convenient whenever you are making remote calls through a firewall.

OAuth 是一种开放的授权协议,可以一种易于管理的方式在客户端应用(桌面、Web 和移动应用)中进行安全授权。OAuth is an open protocol for authorization that enables secure authorization from client applications (desktop, web, and mobile applications) in an easily manageable way. 如果打算生成的 SharePoint 加载项不仅是在远程 Web 应用中运行,而且还与 SharePoint 重新通信,那么通常需要使用 OAuth。If you plan to build a SharePoint Add-in that runs in a remote web application and communicates back to SharePoint, you will often need to use OAuth. 只要是从不得以独占方式使用客户端代码 (HTML + JavaScript) 的远程托管 Web 应用中调用 SharePoint,就必须使用 OAuth。OAuth is required whenever you are calling into SharePoint from a remotely hosted web application that can't use client-side code (HTML + JavaScript) exclusively. 详细了解 SharePoint 加载项中的 OAuth 工作原理Learn more about how OAuth works in SharePoint Add-ins.

SharePoint 外接程序的安全数据访问和客户端对象模型SharePoint 外接程序的三个授权系统更加全面地介绍了 OAuth 和跨域库之间的选择。Secure data access and client object models for SharePoint Add-ins and Three authorization systems for SharePoint Add-ins explain the choice between OAuth and the cross-domain library more thoroughly.

OAuth 与本地 SharePoint 场OAuth with on-premises SharePoint farms

如果使用的是 SharePoint 本地部署,可以使用 OAuth,但需要在创建高信任加载项和使用 Office 365 租赁之间做出选择。If you are using an on-premises deployment of SharePoint, you can use OAuth, but you will have to choose between creating high-trust add-ins and using an Office 365 tenancy. Office 365 将 Microsoft Azure 访问控制服务 (ACS) 用作信任代理。如果无权访问 Office 365 租赁,需要按照创建高信任 SharePoint 加载项中的说明操作,即使用证书在加载项和 SharePoint 之间建立信任。Office 365 uses Microsoft Azure Access Control Service (ACS) as the trust broker, and if you do not have access to an Office 365 tenancy, you'll need to use Create high-trust SharePoint Add-ins, which uses certificates to establish trust between your add-in and SharePoint. 可以向 SharePoint 场的加载项目录添加高信任加载项,但不能在 Office 应用商店中出售它们。You can add high trust add-ins to the add-in catalog of your SharePoint farm, but you can't sell them in the Office Store. 如果有权访问 Office 365 租赁,可以将它与 SharePoint 本地安装相关联,并对安装到本地 SharePoint 的加载项使用 ACS 作为信任代理If you do have access to an Office 365 tenancy, you can link it to your on-premises installation of SharePoint and use ACS as the trust broker for add-ins that are installed to your on-premises SharePoint.

下表列出了承载加载项的 SharePoint 组件和远程组件的所有可能模式,以及使用 OAuth 时可用的信任代理。请注意,您需要拥有对 Office 365 租户的访问权,才能使用 ACS 在 SharePoint 和安装到 SharePoint 本地安装的 SharePoint 外接程序之间建立信任。The following table lists all of the possible patterns for hosting both the SharePoint components and the remote components of your add-in, along with the trust brokers that are available to you if you're using OAuth. Note that you'll need access to an Office 365 tenant in order to use ACS to establish trust between SharePoint and a SharePoint Add-in that is installed to an on-premises installation of SharePoint.

SharePoint 组件位置SharePoint component location 远程组件位置Remote component location 信任代理Trust broker
本地On-premises 云中In cloud ACS、证书ACS, certificate
本地On-premises 本地On-premises ACS、证书ACS, certificate
Office 365 SharePoint 网站Office 365 SharePoint site 在云中In cloud ACSACS
Office 365 SharePoint 网站Office 365 SharePoint site 本地On-premises ACSACS

结合使用提供商托管和 SharePoint 托管Combine provider hosting and SharePoint hosting

还可以生成包含 SharePoint 托管组件和云托管组件的加载项。You can also build add-ins that include both SharePoint-hosted and cloud-hosted components. 例如,可以创建包含自定义 SharePoint 列表和内容类型的云托管加载项For example, you can create a cloud-hosted add-in that includes a custom SharePoint list and content type. 如果选用此体系结构,设计和方法必须考虑到模型中内置的安全限制。If you choose to use this architecture, your design and approach must account for security limitations that are built into the model. 只能在 SharePoint 托管的代码组件中使用 JavaScript,而且远程托管组件必须使用 OAuth 或跨域库与 SharePoint 网站进行交互。You can use only JavaScript in the code components that are hosted by SharePoint, and the remotely hosted components must use either OAuth or the cross-domain library to interact with the SharePoint website. 考虑采用这种方法时,请务必了解 SharePoint 中的加载项授权工作原理When considering this approach, make sure that you understand how add-in authorization works in SharePoint.

图 3 展示了使用 Azure 托管加载项的远程组件并使用 OAuth 时的体系结构。Figure 3 shows you how this architecture works if you use Azure to host the remote components of your add-in, and you use OAuth.

图 3:使用 OAuth 和 Windows Azure 时的 SharePoint 加载项服务器间通信Figure 3. SharePoint add-in server-to-server communication when you use OAuth and Windows Azure

Server to server communication restrictions

了解如何创建结合了云托管和 SharePoint 托管的加载项Learn how to create an add-in that combines cloud hosting and SharePoint hosting.

考虑结合使用提供商托管和 SharePoint 托管时,请注意以下几点。Here are some things to think about when you're considering a combination of provider hosting and SharePoint hosting.

获得权益Get these benefits 应考虑的问题But consider this
这两种方法的全部优势。All the benefits of the two approaches. 体系结构更加复杂,需要仔细规划服务器间通信和跨网站脚本限制。More complex architecture requires careful planning around server-to-server communication and cross-site scripting restrictions.

Azure Web 角色中的提供商托管加载项Provider-hosted add-ins in Azure Web Roles

可以在 Azure Web 角色(而不是 Web 应用,无论 Web 应用是本地网站还是 Azure 网站)中托管提供商托管 SharePoint 加载项。You can host a provider-hosted SharePoint Add-in on an Azure web role instead of a web application (whether the web application is on-premises or an Azure website). Azure Web 角色实质上是基于 Internet Information Services (IIS) 且在 Azure 上托管的网站。An Azure web role is, essentially, a website that's based on Internet Information Services (IIS) and hosted on Azure. 可以利用 Azure Web 角色的托管服务和可伸缩性。You can take advantage of the hosting services and scalability of Azure web roles. 此外,还可以提升 SharePoint 加载项的性能和可用性,尤其是当加载项的使用率高或需求随时间推移而变化时。You can also enhance the performance and usability of your SharePoint Add-in, especially if the add-in is heavily used or demand for it changes over time. 如果 SharePoint 加载项需要更多的服务器资源,那么 Azure 可以向加载项动态分配资源。If the SharePoint Add-in ever requires more server resources, Azure can dynamically allocate them to the add-in.

若要详细了解 Azure Web 角色,请参阅下面的链接。See the following links for more information about Azure web roles.

需要安装用于 .NET 的 Microsoft Azure SDK (Visual Studio 2012) 1.8.1 这一必备组件。可以使用 Web 平台安装程序进行安装。As a prerequisite, you will need the Microsoft Azure SDK for .NET (Visual Studio 2012) 1.8.1, which you can install by using the Web Platform Installer.

在 vsnv 中创建项目的方式取决于是先添加 SharePoint 加载项项目,再添加 Azure Web 角色项目,还是先添加 Azure 项目,再添加 SharePoint 项目。The way that you create the project in vsnv depends on whether you start with a SharePoint Add-in project and then add the Azure web role project, or you start with the Azure project and then add the SharePoint project.

将云服务添加到现有加载项Add a cloud service to an existing add-in

如果已有要在 Azure 上托管的提供商托管 SharePoint 加载项,请选择 SharePoint 加载项解决方案中的 Web 应用项目。If you already have a provider-hosted SharePoint Add-in that you want to host on Azure, choose the web application project in the solution for the SharePoint Add-in. 在菜单栏上,依次选择“项目”**** > “添加 Microsoft Azure 云服务项目”****。On the menu bar, select Project > Add Microsoft Azure Cloud Service Project. 此时,Azure 项目 NameOfTheWebAppProject.Azure 会添加到 SharePoint 加载项解决方案中。An Azure project called NameOfTheWebAppProject.Azure is added to the solution for your SharePoint Add-in. Web 项目的 Web 角色也会添加到 Azure 云服务项目中。A web role for the web project is also added to the project for the Azure cloud service. Visual Studio 2012 的 Office 开发人员工具设置必要的项目属性,以便 Web 角色能够处理 SharePoint 加载项。The Office Developer Tools for Visual Studio 2012 sets the necessary project properties so that the web role can work with the SharePoint Add-in.

将加载项添加到现有 Web 角色Add an add-in to an existing web role

如果在 Azure 云服务中已有要用作提供商托管 SharePoint 加载项主机的 Web 角色,请打开 Visual Studio 中的 Azure 云项目,再选择“解决方案资源管理器”**** 中的 Web 角色项目。If you already have a web role in an Azure cloud service that you want to use as a host for a provider-hosted SharePoint Add-in, open the Azure cloud project in Visual Studio, and then, in Solution Explorer, choose the web role project. 在菜单栏上,依次选择“项目”**** > “为 SharePoint 项目添加加载项”****。On the menu bar, select Project > Add Add-in for SharePoint Project. 此时,为提供商托管 SharePoint 加载项创建了项目 NameOfTheWebAppProject.Azure,并将它添加到了解决方案中。A project for a provider-hosted SharePoint Add-in is created called NameOfTheWebAppProject.Azure and added to the solution. Visual Studio 将 Azure Web 角色引用为 SharePoint 加载项的 Web 项目主机。Visual Studio references the Azure web role as the web project host for the SharePoint Add-in.

另请参阅See also