Integrating Collaboration Hub with Microsoft SharePoint 2013/2016

Note

This section explains the Microsoft SharePoint 2007-2016 integration with certificate-based authentication. An overview over the different SharePoint integration variants is accessible at Integrating Collaboration Hub with Microsoft SharePoint.

If you are using our On-Premise Edition, please follow the instructions in the administration manual.

Important

Since Microsoft® stopped supporting Microsoft SharePoint 2007 and 2010 on October 9, 2012, respectively on October 13, 2015, it is getting increasingly difficult to provide Collaboration Hub for these SharePoint versions.

As we want to keep Collaboration Hub up to date and to provide the best features possible, we stopped supporting Microsoft SharePoint 2007 and 2010 on April 1, 2017.

In case you experience problems during the integration, please read Troubleshooting the Microsoft SharePoint integration.

To integrate Collaboration Hub with SharePoint Server, the following steps are necessary:

Installing the Signavio Connector Web Service (AD-based access, SharePoint 2013/2016)

The web service is required for SaaS systems to gain access to Active Directory data within a local domain. The web service files can be downloaded here: https://editor.signavio.com/sharepoint/signavio_ldap_access.zip

To install the web service on your Microsoft SharePoint system, proceed as follows:

  1. Open the file Web.Config and configure the values of serverurl and base. base_DN refers to Active Directory folders, which are used to search for users and user groups. In case several folders need to be added, separate them with a | during the configuration.

    Active Directory with six preferred folders to search in

    The base_DN folder values can be defined like the following examples:

    • OU=Groups,OU=AAA,OU=Organization,DC=adtest,DC=local
    • OU=Users,OU=AAA,OU=Organization,DC=adtest,DC=local
    • OU=Groups,OU=BBB,OU=Organization,DC=adtest,DC=local
    • OU=Users,OU=BBB,OU=Organization,DC=adtest,DC=local
    • OU=Groups,OU=CCC,OU=Organization,DC=adtest,DC=local
    • OU=Users,OU=CCC,OU=Organization,DC=adtest,DC=local

    In Active Directory, there are two types of folder icons. Regular folders use the syntax CN=foldername and Organization Unit folders (as shown in the example) use a syntax like OU=foldername.

  2. In order to use a specific user name and password to access the Active Directory instead of an Application Pool identity, uncomment the username and password fields and fill them accordingly. Note that the user name must have a domain prefix, e.g. TEST\User.

  3. Copy the signavio_ldap_access folder to the wwwroot directory, which is (by default) C:\inetpub\wwwroot. Make sure that the NetworkService account has read access to the folder (by default that is the case).

  4. Open the IIS manager and select Application pools from the expandable list on the left. Right click the Signavio application pool and select Add Application Pool...:

    Click "Add Application Pool...".
  5. Enter the following parameters for the new Application Pool:

    Creating an Application Pool with valid parameters.
    ::

    Name: signavio_ldap_access

    Net Framework-version: 4.0.X

    Managed Pipeline mode: Classic Start Application pool: Yes

  6. Right click the newly created Application Pool and select Extended options. Under Process Model, check that the identity is NetworkService. If not, edit the field’s value by selecting NetworkService from the first drop-down list and press OK:

    Change the identity of the Application Pool.
  7. Right click Sites in the menu on the left and select Add Website..:

Click "Add Website...".
  1. Enter the following parameters:
Define service parameters:
Sitename: signavio_ldap_access
Application pool: signavio_ldap_access (select from the list)
Physical path: navigate to the signavio_ldap_access folder(default path:
C:\inetpub\wwwroot\signavio_ldap_access)
Port: choose a suitable port, which is not used by other websites, e.g. 33333
Hostname: leave empty
Check „Start website“
  1. Enter http://<your\_ip>:<port>/setup.asmx into the web-browser, for example http://192.168.1.1:33333/setup.asmx. The browser will notify about the status of the service. If the page is displayed and the Active Directory connection is marked with OK, the connector URL and the Security Token will be displayed:

    examples: successful vs. unsuccessful configuration.

Downloading the Signavio Collaboration Hub SharePoint App

Open the Explorer to download Signavio Collaboration Hub SharePoint App. Make sure you are logged in as a workspace administrator and follow these steps:

  1. Click Setup, then Manage Collaboration Hub authentication in the top drop-down menu of the Signavio Explorer.
  2. Select from the dropdown menu the desired authentication method:
  • For Active Directory-based authentication, select LDAP based authentication as the authentication mode and the correct SharePoint version. Insert the URL of the connector web service, as well as its security token before downloading.
  • For certificate-based authentication, select Certificate based authentication as the authentication mode and the correct SharePoint version.
  1. Click Save and Test. In case the test terminates with an error, check your configuration settings.
  2. Click Download SharePoint Webpart.

Hint

The dialog also provides the download of a Collaboration Hub certificate that can be installed in a web browser. Read more about the certificate-based publishing in the chapter Creating certificates.

Depending on your web browser configuration it will now be stored the Microsoft SharePoint App in your download directory or prompt for the download.

Manage read access rights

In this chapter you will learn how to manage read access rights on Collaboration Hub for Active Directory users and user groups. To enable directory service-based (AD, Windows Azure) authentication, it is necessary to grant diagram access rights to domain users or user groups. Via the read access configuration dialog, you can configure exactly which user or user group can get access to specific diagrams or folders in Signavio.

Important

In case you set up certificate-based authentication, you can ignore this section.

In case you set up Active Directory-based authentication and you do not configure access rights to any published diagram, a user will see an empty Collaboration Hub.

To grant read access, proceed as follows:

  1. Open the Explorer. We recommend you to use a different browser or your browser’s incognito mode, to avoid session conflicts, see SharePoint displays the Signavio login page, although the authentication mechanism was configured correctly.

  2. Click in Setup menu the Manage users & access rights entry.

  3. Open the Read access tab in the Manage users & access rights dialog.

    The read access tab.
  4. Choose a folder or diagram in the left navigation column. The dialog shows the access rights connected to the object. If the right has been assigned to a parent directory the corresponding folder is displayed as well.

    Overview of all assigned rights of a diagram or folder.
  5. If you have marked the desired folder, then you can specify the user you want to grant access for. Type in a user name by using the search functionality - as soon as you start typing, a drop down list appears containing the user names found. Select the user name. Alternatively click the input field and choose a user name from the drop down list. To navigate through the sites, use the arrow at the bottom of the list.

    Adding a user who will get access to the folder and the contained diagrams.

Hint

Opening the read access dialog and searching for a user or user group can serve as a test of the directory service integration. If an existing user does not appear, something went wrong during the setup.

  1. Click the Add button. The user can now be found in the list of granted access rights.

    The read access will be established for the user.

Revoking read access

You can also remove assigned read permissions. Follow the instructions 1 to 3 of the previous section and then proceed as follows:

  1. Select the user you want to remove from the list of users with read access.
  2. Click Remove right next to the user name.
Removing a user from the list.

Hint

If the read access is inherited from the parent directory, the delete option is not displayed. Navigate to the appropriate folder using the inherited from column and delete the permission here.

  1. Confirm by clicking the Yes button in the warning message box.

Installing the Signavio App on Microsoft SharePoint 2013/2016

This chapter describes how to install the Signavio Collaboration Hub SharePoint App on Microsoft SharePoint 2013/2016.

Important

Please configure your Active Directory service before you install Collaboration Hub SharePoint App.

In case you want to setup certificate-based authentication, please skip this step and proceed at Downloading the Signavio Collaboration Hub SharePoint App.

Copy the file SignavioViewer2013_2016.wsp, which is provided via the Explorer into a directory of your choice on the Microsoft SharePoint server. Install the Microsoft SharePoint solution as described in the corresponding Microsoft SharePoint manual. The following section gives a short introduction into the installation of the Signavio SharePoint App on various versions of Microsoft SharePoint servers. The argument SharePointServerURL represents the Microsoft SharePoint server’s web application URL .

To install the webpart for Microsoft SharePoint Server, open the management shell of Microsoft SharePoint, navigate to the directory containing the file SignavioViewer2013_2016.wsp and execute the following commands:

  1. Upload the SharePoint Solution package using the following command:
Add-SPSolution -LiteralPath {PATH_TO_WSP}

Sample

Add-SPSolution -LiteralPath C:\Users\Administrator\Desktop\SignavioViewer2013_2016.wsp
  1. Install the solution on SharePoint. Please mind the version number in the code examples.:
Install-SPSolution -Identity {} -WebApplication {SharePoint 2013 Server URL} -GACDeployment

Sample

Install-SPSolution -Identity signavioviewer2013_2016.wsp
- WebApplication http://win2k8-test3/ -GACDeployment
  1. Check the status of the installation by using the SharePoint Central Administration:
http://{SP_SERVER}:{PORT}/_admin/SolutionStatus.aspx?ItemName=signavioviewer2013_2016.wsp&Lcid=0

Sample

http://win2k8-test3:10343/_admin/SolutionStatus.aspx?ItemName=signavioviewer2013_2016.wsp&Lcid=0

In case there are problems during the installation, please have a look at Troubleshooting the Microsoft SharePoint integration.

Further information about installing a .wsp-file on a Microsoft SharePoint Server 2010 can be found at http://technet.microsoft.com/en-us/library/cc262995.aspx.

Configuring the SharePoint 2013/2016 App

Once you have installed the Microsoft SharePoint app on your server you can add Signavio Collaboration Hub to the desired web page.

  1. Click under Page the Edit page entry.

  2. Via Add webpart you can embed the installed component.

    Add the Siganvio webpart.
  3. For this purpose, activate the Signavio Collaboration Hub Web Part option and then click the Add button.

  4. Click Edit to add the Signavio URL to the Signavio section on the right side. This either directs to the Signavio server or defines an URL to a specific start diagram (URL from the Collaboration Hub preview):

    Insert the diagram URL via the SharePoint web interface.
  5. In addition, you have the possibility to make the settings for the component layout, such as title or the dimensions:

    Configure the display options for the Web Part.
  6. Optionally, you can perform advanced settings, such as page description or insert a link to a help page.

You find more information about embedding a webpart on the following page: http://office.microsoft.com/de/HA010097463.aspx.

Removing the Signavio App

With Microsoft SharePoint 2013/2016 the web part can be removed via the solution manager of the central administration.

  1. First, go to the system settings in the central administration.
  2. Retract the web part and then remove it.
  3. Alternatively, you can retract and delete the web part on the Microsoft SharePoint administration shell using the following commands:
Uninstall-SPSolution –Identity signavioviewer.wsp  –WebApplication <SharePointServerURL>

Remove-SPSolution –Identity signavioviewer.wsp