Mobile App talking to SharePoint behind TMG

 

Often when one thinks about app development in a corporate environment, ideas strike around business processes that are already existing, functionalities that have already been implemented yet accessibility is limited. When I say limited I mean the mechanism to access that application/functionality is via for example the intranet/extranet. How about have a mobile app that could read/write from your SharePoint extranet which is sitting behind TMG. This was our scenario so here is how I approached it end-to-end.

 

So what will it be? Native, Web, Hybrid? Well since I had HTML5, jQuery and CSS3 skills, I went for mobile web app approach. There was no business requirements for what platforms this app should target so I had the flexibility to opt for the one I could quickly come up with something working. There are a lot of debates around what type of app development should one target and I think it all boils down to the requirements, reach and timeframe that one has.

 

There are a lot of frameworks that can help speed up your mobile app development. I chose jQuery mobile for this instance as it is cross-platform, supports HTML5 and has good documentation to refer to. Cordova for the add-on to access some basic device functions like accelerometer  via JavaScript. I also used a few apple tags that helped me create a splash screen and app icon for iPhone and iPad. The app was also tested on the Andriod phone as well and worked just as fine.

 

The data that I wanted to get on the device was tucked away in a SharePoint list in the company intranet. This list was used to put in leave requests which had a workflow for approval associated with it. I wanted to get this data via SharePoint web service on to the device and show who was on leave . As long as I was on the corporate network, all good but as soon as I had to get it over the internet, I had some trouble with authentication via TMG.

 

TMG had forms based authentication enabled and hence had a forms based authentication page that comes up as soon as I try to access the intranet site over the internet. In order for the TMG to be able to request credentials from the client web service, TMG should throw as 401 code but it would send a 302 redirection code to the login page which does not help when you want to give users a smooth browsing experience. The approach I took was to update the UserAgent of the request to "Microsoft-WebDAV-MiniRedir/6.0.6002". I couldn't do this at the client side as this property cannot be updated using JavaScript. This had to be done on the server side so I wrote a wrapper web service that the client would call and this service in turn would call the SharePoint web service behind TMG by posing as a WebDAV request. TMG understands that the WebDAV request cannot be redirected to forms based authentication page and hence will fall back to Basic Authentication giving a 401 status code and the wrapper service can then respond with the user credentials.

 

I wanted to automate the deployment and code management as much possible and explored some options and found that Windows Azure had an integration with code repositories like BitBucket for auto publishing. As soon as I checked in the code in the repository, the updates got deployed to the cloud. This model of hosting the app code in the cloud is good when you want to manage updates to the code without the users updating the app. This also gives the advantage that all users using your app are on the same version of the code and there is no need to maintain old version functionality if it is not going to be used going forward.

 

Once the app got a decent response and I got some good feedback about it, I then added the functionality to be able to request of leave. This request on the app would result in creating a list item in the leave request SharePoint list which would then trigger the leave approval process.

 

Here is an architectural diagram that explains the approach more visually.

 

There is a big potential for apps like these in organisations that have a lot of information in their SharePoint environments and want to give their users a way to access/interact with the information remotely via a mobile app.