OFC323
Dot-Com Meets SharePoint:
Building an Internet-Facing Web
Site Using Microsoft Office
SharePoint Server 2007
Jim Masson
Lead Program Manager
Microsoft Corporation
Agenda
A look at an example internet site
The ABCs of Publishing
Authentication and Authorization
Internet Facing Topologies
Performance and Scale
Key topics covered elsewhere
OFC216 Using the Web Content Management Features of Microsoft
Office SharePoint Server 2007 to Build Great Looking Sites
Branding and change control
Multi-lingual publishing
Catch it on the DVD
OFC329 Migrating Your Content Management Server 2002 Web Sites to
Microsoft Office SharePoint Server 2007
Migration from CMS 2002
Thursday 1 – 2:15 259 AB
A Tour Through an Internet Site
Jim Masson
Lead Program Manager
Office SharePoint Servers
Site Features
Visible
Custom Look And Feel
Anonymous Access
Blog
Content Rollup
Navigation
Behind the Scenes
Custom Master Page
Forms Authentication
WSS Blog template
Content Query and Table of Contents Web Parts
Controlled Publishing Process
Separate authoring and production environments
Cached for Performance
ABCs of Web Content Management
Extranet
Enterprise
Division
Team
Individual
Internet
Authoring and Branding
Custom master page provides a shared look
and feel
Page Layouts control how specific types of
content are presented
All press-releases share a common structure
Constrained Editing Controls
HTML editor, link, and image controls
Styles can be separated from content
Branding Enforcement
Per web control of available master pages, page
layouts, and web templates
Controlled Publishing
Pages are document library items
Check out
Draft versions
Simple moderation
Approval workflows
Custom workflows
Page and document scheduling
Author can specify when content goes live
Content Deployment
Controlled release into production
Controlled Publishing
Jim Masson
Lead Program Manager
Microsoft Corporation
Security on Public Sites
Authentication and Authorization
Common pattern
Anonymous access site
But with a “members area”
Forms Authentication
Hardening
Restricted Reader Role
Disabling Client Integration
Policy enforcement
Authentication and Authorization
Several Authentication Methods Available
Windows, Forms, Web SSO
Per Web Application
Forms Authentication
ASP.NET 2.0 Membership model
We ship LDAP membership provider
AD, ADAM, third party LDAP servers
Other ASP.NET Providers can also be used
i.e. SQL Server Provider shipped with ASP.NET
Anonymous Access
Configuring Anonymous Access
Enabled by central administrator per web application
Can then be enabled in webs and lists
For publishing scenarios, must be enabled in the root web
Subwebs can then require authentication
i.e. members areas
Rights capped
You simply cannot give anonymous users some rights
(i.e. writing to a document library)
Hardening
Restricted Reader role
Restricted Readers can use the site
Can view pages, documents, images
But they can’t use everything
Can’t call Remote APIs
Can’t view SharePoint application UI
Can’t view minor or historical versions
Disabling Client Integration
Policy
Can constrain maximum access per web application
Deny all write access via http://site:80
ACLs can’t give you back write access
Updates only via content deployment, or an intranet facing
web app
Security Configuration
Jim Masson
Lead Program Manager
Microsoft Corporation
Topologies
Farms
Scale up and down as needed
Performance
Redundancy
Multi-farm
Staging environments in different network
Example
Authoring in intranet with Active Directory authentication
Production in perimeter network with forms auth
Site collections can be deployed
between environments
Multi-Farm Topology
Web Front End
Content
Deployment
Requests
Internet
NLB
Authoring Farm
Production
Farm
Internet
Content Deployment
Paths and jobs
Paths connect source and destination Site Collections
Jobs control what content is copied when
One direction (source -> destination)
Not multi-master
Incremental by default
Incremental takes changes since last successful deployment
Configured by central administrator
Can delegate to authors using the “QuickDeploy” job
Content fix-up
Links
Security
Content Deployment
Jim Masson
Lead Program Manager
Microsoft Corporation
Performance and Scale
Internet Publishing Scenarios
Mostly Read
Many repeat views of the same content
Course Grained Access
Good candidate for caching
Improve Scale Up
Improve Scale Out
Caching
Goal: Make your web site fast 
Minimize work per request in order to increase
performance for Internet scale
Respect permissions and personalization
Two main types of caching
No execution of the web page
Page output cache, disk-based cache
Reduction of number of database round trips
Page item cache, navigation node cache, list query cache
(cross list, single list)
Internet sites will focus on the first type
Page Output Cache
Serves cached versions of HTML output of
page to users
Cache one version of the page for each “bucket”
of users with unique permissions on the site
Cache is in-memory
Most efficient when most users have the same
rights on the site
Anonymous users are all in one bucket
Request
Cache
Master Page
Navigation
Page Content
Data-Driven
Views
Configuring Output Caching
Cache Profiles – “How long should things
be held in the cache”?
Centrally defined, change in one place takes effect
across site collection instantly
Can apply to sites and to page layouts separately
Separate profiles for anonymous users versus
authenticated users
Cache Policy – “What profiles can be
used where?”
Allow or disallow owners of sites and page layouts to
choose a “cache profile” of their own
Centrally controlled per site collection
Disk-Based Caching
Caches page resources on web front-end
servers for serving to users
Images, .css, .js files are retrieved from the database once,
and stored on disk on the web front end
Further requests are served from the cache, trimmed based
on security
Configurable: Place on disk to cache, # of megabytes on disk,
file extensions to support
Cache
Logo.jpg
Gradient.gif
Styles.css
Script.js
Call To Action
Install And Use Beta 2
Give Us Feedback
http://blogs.msdn.com/ecm
Chalk Talks In The TLC
Thursday 9:45 – 11:00 AM
Thursday 2:45 – 4:00 PM
Related Sessions
OFC216 Using the Web Content Management Features of
Microsoft Office SharePoint Server 2007 to Build Great Looking
Sites
Catch it on the DVD
OFC329 Migrating Your Content Management Server 2002 Web
Sites to Microsoft Office SharePoint Server 2007 259 AB
Thursday 1:00 – 2:15
Resources
Technical Chats and Webcasts
http://www.microsoft.com/communities/chats/default.mspx
http://www.microsoft.com/usa/webcasts/default.asp
Microsoft Learning and Certification
http://www.microsoft.com/learning/default.mspx
MSDN & TechNet
http://microsoft.com/msdn
http://microsoft.com/technet
Virtual Labs
http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
Newsgroups
http://communities2.microsoft.com/
communities/newsgroups/en-us/default.aspx
Technical Community Sites
http://www.microsoft.com/communities/default.mspx
User Groups
http://www.microsoft.com/communities/usergroups/default.mspx
Fill out a session
evaluation on
CommNet for
a chance to
Win an XBOX 360!
The 2007 Microsoft Office System
Clients. Servers. Solutions.
Install Beta 2 today!
It’s in your attendee bag
Talk
Lab
Learn more at the Office System TLC
Demo Stations / Hands-on-Labs / Chalk-talks
Demo
Get more information
http://www.microsoft.com/office/preview/default.mspx
http://msdn.microsoft.com/office/
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not
be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.