With the release of SharePoint Foundation 2010, Microsoft introduced several new features and capabilities along with upgrading items from previous versions of SharePoint. In this section, you will read a brief description of each of these new and upgraded features, along with an example that demonstrates why you should care about them.
One of the most obvious changes in SharePoint Foundation 2010 is that the ribbon from Microsoft Office 2007 has been incorporated in the platform. This change in the user interface is fundamental when it comes to interacting with Office products. As such, anyone who is familiar with Office 2007 will see this familiar feature in your sites now, as well.
For those of you who are not entirely comfortable with the ribbon, you can relax; it’s easy to use; you just need to understand the layout. The ribbon is context driven, meaning that you see the options that you need when you need to use them.
For example, if you are using a library within SharePoint, the ribbon will display options for tasks that are typically done in a library, such as creating a new document, uploading a document, checking-in a document, and so on.
The ribbon is divided into tabs, which are further divided into groups. Typically, a library has a Documents tab, which is divided into groups, such as New, Open & Check Out, Manage, Share & Track, Copies, Workflows, and Tags and Notes. Each of these groups contains specific actions that you can choose. For example, if you want to set up an Alert, on the Document tab, select the Share & Track group, and then click the button labeled Alert Me.
What’s more, as you perform different functions within the platform, you will notice additional tabs appear on the ribbon that are related to the task you’re currently performing. For example, you see the Edit tab when you are editing content properties, but you won’t see it if you are simply browsing a list of items.
Alerts were available within Microsoft Office SharePoint Server (MOSS) 2007; they were great as long as you had access to your email account. At the same time, they were a bit annoying because they were email messages that were sent to your email account. As many business users discovered, some of the alerts they set up generated a lot of excess email traffic that they had to manage.
SharePoint Foundation 2010 has expanded the alerts framework so that you can have alerts sent as Short Message Services (SMS) to your mobile devices. You can now tailor a business solution that sends out an SMS Alert to mobile devices. You can even create a totally customized alert system if you want, such as in the following examples:
You might want the initial assignment of a task to send an email message to the person to whom it was assigned.
Next, you might want the project manager to be notified by an email message when the task is three days from its due date.
You might want it to send an SMS Alert hourly to your team members when the task is in the last 12 hours before its due date and it does not show a completed status.
And finally, you might want to know if someone is able to take up the task and work on it to completion.
The Business Data Catalog (BDC) from MOSS 2007 has undergone a facelift and a name change; its new name is the Business Connectivity Services (BCS). It is now included in SharePoint Foundation and is no longer exclusive to the SharePoint Server product.
The BCS is able to provide full CRUD capabilities to external data from Line-of-Business (LoB) systems, web services, databases, and other external systems. This information is then presented within SharePoint Foundation 2010. The features within the SharePoint platform are able to access external data sources directly, both online and offline. By using familiar tools such as SharePoint Designer 2010 and Microsoft Visual Studio 2010, you can build solutions that can exploit these external sources within the SharePoint platform.
With the BDC in previous releases of SharePoint, you could only view the data in external sources. With BCS, you can not only view the data, but you can fully interact with it, all through familiar interfaces such as Microsoft Outlook. You can, for example, begin the onboard process for a new employee by simply adding them as a contact to Outlook, which can be tied to a business solution that copies the information to an External list (an external legacy data source such as Oracle), which in turn starts a workflow to make this person an employee.
You can connect to a wide variety of data sources, such as:
Databases
Web and Windows Communication Foundation (WCF) services
Microsoft .NET connectivity assemblies
Custom data sources
In addition to connectors for existing data sources, BCS provides a pluggable framework for developers to use to create connectors for new external system types, thus enabling these new data source types to be accessed via BCS.
The BCS is more efficient than the older BDC model. In the past, the BDC could only perform single item operations such as search, and if you needed other operations to be performed, they had to be done in a separate call. You are now able to provide batch and bulk operation support, with which you can read multiple items in a single call; in doing so, the number of round trips to the data source is greatly reduced, resulting in better overall performance.
BCS now supports the reading of Binary Large Objects (BLOB) data, which is really useful when it comes to streaming BLOBs of data from external systems. You can also use dot notation in field names, which you can use to read and write complex types.
SharePoint Foundation 2010 introduces three new client application programming interfaces (APIs) that you can use to interact with SharePoint sites from a .NET managed application (must be no earlier than Microsoft .NET Framework 3.5), a Microsoft Silverlight application (no earlier than Silverlight 2.0), or from ECMAScript (JavaScript, Jscript) that executes in the browser.
You are now able to design solutions that are fully interactive from within the browser. For example, you can use Silverlight to see different “what if” scenarios graphically, using real-time data.
In Windows SharePoint Services 3.0, fields were rendered on list views by a RenderPattern element in a field definition file, fldtypes*.xml. In SharePoint Foundation 2010, fields are rendered on list view pages by XSLT stylesheets. This means that you now must define the rendering of your custom field types by creating a custom XSLT stylesheet rather than by adding a custom RenderPattern element to a field type definition.
SharePoint Foundation 2010 supports multiple new events, including onCreate events for lists and websites and support for synchronous after events. It also offers a more approachable events infrastructure that is easier to program against than earlier versions.
SharePoint Foundation 2010 new events include:
Add and delete events on lists
Add events on websites
Synchronous or asynchronous after events.
Additionally, new event model capabilities include the following:
Event registration at the Site Collection level
XML event registration at the site receiver
Improved semantics for retrieving event data
Improved user interface for form-level events
The Health Analyzer is an extensible, rules-based infrastructure that not only monitors but also maintains the health of the entire SharePoint Foundation environment throughout a server farm. It is designed to automatically check for potential configuration, performance, and security issues and to identify these items to farm administrators.
SharePoint Health Analyzer monitors the farm by applying a set of health rules. A health rule is nothing more than executable code that is deployed at the farm level and is registered with the SharePoint Health Analyzer by a farm administrator. SharePoint Foundation 2010 ships with a number of health rules. You can create and deploy custom health rules by writing code that utilizes the SharePoint Foundation object model.
SharePoint Foundation 2010 comes with several enhancements and features to the list infrastructure, which improve the user experience along with data integrity.
Microsoft Office SharePoint Server 2007 demonstrated that when deployed on an enterprise level, the contents of lists can grow to become so large that performance can be diminished substantially. SharePoint Foundation 2010 addresses this issue by incorporating a new List View Threshold feature that allows you to specify the maximum number of items that a database operation can retrieve. If a search query exceeds the threshold, the query is blocked to avoid adversely affecting site performance. The user is notified that the limit has been achieved and is given the opportunity to refine the search query to retrieve a more manageable set of results.
Alternatively, you can also schedule “happy hour” controls to avoid times when you expect heavier loads. By scheduling during these less active time periods, users can run queries or reports that will return a large number of items without affecting other users on the platform.
Previously, you could create a loosely defined relationship between lists though a lookup field, whereby a child list would look to a parent list. With SharePoint Foundation 2010, items in a parent list are “aware” of related items in the child list, and you can set referential integrity constraints on the child items by specifying delete behavior. These list relationships and delete behaviors can be set either through the user interface or through the object model.
With SharePoint Foundation, you can set a primary key on column fields. This is done by using (or “enforcing”) a new feature called Unique Column Constraints, which you can use to enforce unique values in a list or document library column.
For example, you might want to ensure that the same Customer ID number is not applied to multiple customers. By enforcing the uniqueness of the column, you prevent the same Customer ID number from being used more than one time.
Not all column types support this feature. Table 1-2 lists which column types are supported and which are not.
Table 1-2. Column Type Support for Unique Column Constraints
Boolean (yes/no) | No |
Calculated field types | No |
Checked out to | No |
Choice field (but not multi-choice) | Yes |
Content type ID | No |
Created time | No |
Currency | Yes |
Custom field types | No |
Date/Time | Yes |
Hyperlink/Picture | No |
Lookup (but not multi-value) | Yes |
Modified by | No |
Modified time | No |
Multiple lines of text | No |
Number | Yes |
Person or Group (but not multi-value) | Yes |
Single line of text | Yes |
Title (but not in a document library) | Yes |
UI version | No |
BCS has introduced a new kind of list called the External list, with which you can access external data residing in different systems, databases, and spreadsheets in the same way that you access SharePoint Foundation list data. You can interact with the External list in the same way that you interact with other SharePoint lists; moreover, you can write to these lists (if the external data source allows it) and synchronize these changes with the click of a button.
Within SharePoint Foundation, the Microsoft Sync Framework provides a comprehensive and unified synchronization architecture that provides data-agnostic and bi-directional capabilities to developers. Due to its design, other Microsoft and third-party applications can synchronize more easily with SharePoint 2010 deployments.
The Sync Framework provides three core building blocks:
Sync Metadata Services
Sync Provider
Sync Runtime
The ability to use mobile devices to access SharePoint Foundation functionality, lists, and pages has been greatly expanded.
You can now have a mobile page that corresponds in purpose, data, and functionality to a nonmobile Web Parts page. Any Web Part on a nonmobile page can be adapted to be duplicated on a mobile page by adding a control. Some of the major Web Parts that are built in to SharePoint already have these adapters. You can develop your own adapters for Web Parts that you want to make available on mobile pages, so when a mobile device accesses a Web Parts page, it is redirected to the corresponding mobile page.
Your SharePoint Foundation solutions can now have SMS messages sent to mobile phones. If your solution uses the Outlook Messaging Service (OMS) protocol, most of your development work has been done for you.
SharePoint Foundation 2010 expands this mobile support, enhancing its Alerts feature. You can now choose to have Alerts sent via SMS messages to mobile devices. This is done by giving the SharePoint Foundation web application its own account (which can be changed programmatically) with a messaging service provider.
You can do more within the SharePoint environment by using your mobile phone. SharePoint Foundation 2010 adds many new types of mobile pages and over 60 new public mobile controls. These improvements provide new or enhanced support in mobile devices; which include view filtering, contact selection, file uploading, images, wiki pages, Web Part pages, and other functionality. The visual appearance of mobile pages is more colorful, as well. You can now duplicate the mobile experience through the full range of appearance, functionality, and data access that your SharePoint Foundation solutions provide to nonmobile users.
Through the use of a programmable system of throttling HTTP requests, SharePoint Foundation 2010 can control the number of requests when the front-end web server handling the requests becomes too busy to accommodate them all.
Using your existing system, the server code can perform the following:
Determine which Windows Server 2008 performance counters are used to establish whether a front-end web server is busy.
Define what values of a counter are poor enough to cause the worker thread to begin throttling.
Define which kinds of HTTP requests are throttled and whether they are throttled as soon as the server is busy or only when it has been busy continuously for at least 60 seconds.
Exempt certain kinds of HTTP requests from throttling.
The system can also report the current health score of the front-end web server in the HTTP response object so that your client-side code can do its own request throttling.
It is no longer necessary to compose a Collaborative Application Markup Language (CAML) query when your code needs to query a list. Instead, SharePoint Foundation 2010 comes with a Language-Integrated Query (LINQ) to SharePoint provider, with which you can query SharePoint lists from server code by using LINQ syntax. The provider can translate your LINQ queries to CAML queries for submission to the content database. Furthermore, since SharePoint Foundation 2010 also adds a new Join element to its Query Schema, you can have both implicit and explicit joins in your LINQ queries by using the join keyword. You can also write to lists by using the LINQ to SharePoint provider.
Note
To use this functionality, remember that you must have classes that provide an object-oriented interface over the relational content databases. These classes are generated for you by the SPMetal tool that comes with SharePoint Foundation 2010.
You can use LINQ syntax in your code even if you are not using the LINQ to SharePoint provider. Any SharePoint Foundation object that implements IEnumerable(Of T) can be queried by using LINQ syntax.
You can now join multiple lists in a single query utilizing the new Join element. Use the new ProjectedFields element to specify what list fields to include in the results; there are some details that will need to be considered when using these elements, such as the following:
You cannot join just any two lists, regardless of type.
If two lists are able to be joined, you cannot use just any primary or foreign field as the “join on” pair of fields
Client applications can now access SharePoint Foundation data in entirely different ways.
You can query within the client model in two ways:
Write CAML queries for use with the SPQuery class
Query any SharePoint Foundation object that implements the IEnumerable(Of T) with LINQ to Objects
You can query by using the ADO.NET Data Services Framework if the client application does not utilize the new SharePoint Foundation client object model and you only need to query list data.
Unlike previous SharePoint releases, it is encouraged to use either the client object model or the ADO.NET Data Services Framework for the best performance and usability. You can use previous web services such as the List Data Retrieval web service (which is still supported) but they are in place primarily for providing backward compatibility and interoperability with web service clients.
To maximize the new client application’s compatibility with future versions of SharePoint Foundation, it is highly recommended that you make direct calls to the owssvr.dll file as a method of client access.
The SharePoint Foundation 2010 Software Development Kit (SDK) does include documentation about client-side access to the SharePoint Foundation deployments by using RPC calls, but this information is only included to provide troubleshooting assistance to client applications that already make such calls.
The ribbon serves as the primary user interface that you use to interact with SharePoint Foundation 2010 sites. Earlier versions of SharePoint had commands that were accessed through multiple surfaces and located in various menus.
By contrast, the introduction of the ribbon presents an interface that is grouped in a logical manner through the use of tabs and groups, making them easier to find. Furthermore, the ribbon’s functionality can be extended to include your own custom commands.
Microsoft has introduced a new concept called sandboxed solutions with the SharePoint Foundation 2010 platform. A sandboxed solution gives Site Collection users a safe place where they can develop, deploy, and test custom code solutions. This is accomplished by using a subset of the Microsoft.SharePoint namespace. These solutions are stored within a solution gallery. Additionally, farm administrators can monitor and validate these solutions prior to deploying them into the production environment. Performance can be monitored by measuring CPU execution time, memory consumption, and database query time. You can also monitor other aspects of operation, including abnormal termination, critical exceptions, unhandled exceptions, and data marshalling size.
SharePoint Foundation 2010 continues Microsoft’s tradition of building on and enhancing security.
Claims-based identity is an identity model in SharePoint Foundation 2010 that includes features such as authentication across users of both Windows-based and non–Windows-based systems, multiple authentication types, stronger real-time authentication, a wider set of principal types, and delegation of user identity between applications.
When you sign in to SharePoint Foundation 2010, your token (issued by a Windows Server 2008 claims provider during your initial logon to a network) is validated and then used to sign in to SharePoint. SharePoint Foundation 2010 and SharePoint Server 2010 support five sign-in or access modes:
Windows Classic-Mode Sign-In
Windows Claims-Mode Sign-In
SAML (Security Assertion Markup Language) Passive Sign-in Mode
ASP.NET Membership and Role Passive Sign-In
Anonymous Access
Note
SAML Passive is when a web application is configured to accept tokens from a trusted logon provider. A trusted logon provider is an external (resides outside of SharePoint) Security Token Service (STS) that SharePoint trusts.
When claims-aware applications are built and deployed, the user needs only to present an identity to the application as a set of claims. One claim might be a user name and another might be an email address. The idea here is that an external identity system can be configured to give the client application all the information that it needs to about the user with each request, along with cryptographic assurance that the identity data received by your application comes from a trusted source.
Under this model, single sign-on can be achieved much easier than before, and the client application is no longer burdened with:
Under this model, the client application makes identity-related decisions based on claims supplied the user.
A new feature within SharePoint Foundation 2010 is the automatic password change feature. With it, you can update and deploy passwords without the need to perform manual password update tasks across multiple accounts, services, and web applications. You can use the automatic password change feature to determine whether a password is about to expire and to reset the password utilizing a long, cryptographically-strong random string.
You use managed accounts to implement the automatic password change feature. Managed accounts in SharePoint Foundation improve on security and ensure application isolation.
With Windows SharePoint Service (WSS) 3.0, it was difficult to get a user’s effective permissions on securable objects. There was simply no built-in way to see accurately all of the sites, lists, libraries and content to which a user had access. Over time, it became even more difficult if a site had complex permission settings, especially if inheritance was broken and unique permissions were applied to items. Not only was it difficult to see what permissions a user had, but you could not determine how a particular user gained permission to a particular object. SharePoint Foundation 2010 introduces a new command on the ribbon called Check Permissions. With this new command you now have a quick way to enumerate all of the role assignments for a specific user within a specific scope.
The SPSecurableObject class exposes a new GetUserEffectivePermissionInfo method. This method retrieves an object with detailed information about the effective permissions that a specified user has in the current scope and the role assignments related to this user at this scope. This method does not include web application security policy information in the permission mask if the provided user belongs to a policy that is marked “Account Operate as System.” This method is available for users who have the EnumeratePermissions permission granted.
The Secure Store Service replaces the SharePoint Server 2007 single sign-on feature. Secure Store Service is a service that provides storage and mapping of credentials such as account names and passwords. With it, you can securely store data that contains credentials that are required for connecting to external systems and for associating those credentials to a specific identity or group of identities.
It is common for solutions to try to authenticate to an external system in which the current user is known differently or has a different account for authentication. In such cases, Secure Store Service can be used to store and map user credentials that are required by the external system. You can configure Secure Store Service so that multiple users can access an external system by using a single set of credentials on that external system.