应用主体的目的是什么？ [英] What is the purpose of app principal?

问题描述

我有一个网站集，其中安装了提供商托管的加载项（使用远程Web，但没有应用程序Web）。加载项包含一个客户端部分（以远程Web的ASP.NET MVC应用程序的URL为目标），该部分插入到网站集的
根网站的一个网站页面中。加载项远程Web应用程序在SharePoint场中注册为安全令牌颁发者（通过S2S和证书）。

I have a site collection where a provider-hosted add-in is installed (with a remote web, but without an app web). Add-in contains a client part (targeting a URL of the remote web's ASP.NET MVC application), which is inserted in one of the site pages of the root web of the site collection. Add-ins remote web applications are registered as security token issuers in the SharePoint farm (via S2S and certificates).

我在"站点内容"中看到加载项。但当我进入'网站设置'=> '网站应用权限'我只看到'SharePoint'主体，但不是我的加载项的主体（clientID，即'@'字符左侧的部分，不是我的加载项的部分）：

I see the add-in in 'Site Contents'. But when I got to 'Site Settings' => 'Site app permissions' I see only 'SharePoint' principal, but not a principal of my add-in (clientID, i.e. the part on the left of '@' character, is not that of my add-in):

我了解每个加载项必须在网站集中安装后才能在网站集中注册其应用主体。

As I understand every add-in must have its app principal registered in the site collection once installed in the site collection.

问题有点"基本"。并且可能有一个明显的答案，但在阅读MSDN和与SharePoint相关的书籍之后我并不清楚。

The question is a little bit "fundamental" and maybe has an obvious answer, but it's not clear to me after reading MSDN and SharePoint-related books.

1）我认为什么校长是"SharePoint"app主体？

1) What principal do I see as 'SharePoint' app principal?

2）为什么我看不到我的加载项的应用程序主体？

2) Why don't I see my add-in's app principal?

我在Visual Studio中看到的加载项的清单：

The manifest of my add-in as I see it in Visual Studio:

<?xml version="1.0" encoding="utf-8" ?>
<!--Created:cb85b80c-f585-40ff-8bfc-12ff4d0e34a9-->
<App xmlns="http://schemas.microsoft.com/sharepoint/2012/app/manifest"
     Name="My custom add-in"
     ProductID="{060a8042-9c31-49ae-967b-3ba485dc22d1}"
     Version="1.0.0.1"
     SharePointMinVersion="15.0.0.0">
  
  <Properties>
    <Title>$Resources:Addin_Title;</Title>
    <StartPage>~remoteAppUrl/?{StandardTokens}</StartPage>
    <SupportedLocales>
      <SupportedLocale CultureName="en" />
      <SupportedLocale CultureName="de" />
    </SupportedLocales>
  </Properties>

  <AppPrincipal>
    <RemoteWebApplication ClientId="*" />
  </AppPrincipal>
  <AppPermissionRequests AllowAppOnlyPolicy="true" >
    <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="Manage" />
  </AppPermissionRequests>
</App>

请标记为答案，如果这有帮助。

Please, mark as answer, if this helps.

推荐答案

1。 App Principal用于使用App Only Policy而不是真实用户凭证进行应用身份验证，它不会询问用户输入的用户名和密码，因此会更安全。

1. App Principal is used to make app authenticate with App Only Policy instead of real user credential, it won't ask user input user name and password, so will be more security.

2。 App Principal主要包含App Id和App Secret，需要在MVC web.config中添加：

2. App Principal mainly contain App Id and App Secret and it needs to be added in MVC web.config:

<add key="ClientId" value="d0ee6f6d-1c39-44b2-a284-f3143e820ec2"/>
<add key="ClientSecret" value="11Flt0LME9mnToNhRN5nmgeynAXW3nMBvJBrIBGlT/o="/>

ClientId表示AppId，ClientSecret表示AppSecret。

ClientId means AppId, ClientSecret means AppSecret.

更多详细信息，请参阅以下文章：

For more detailed information, please refer the articles below:

SharePoint 2013：使用仅应用程序策略和应用程序主体而不是用户名和密码组合

创建和部署SharePoint提供程序托管的MVC应用程序在Office 365和Azure中

谢谢

最好的问候

这篇关于应用主体的目的是什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！