The Dangers of AllowHttp for SharePoint

SharePoint 2013 and Office Web Apps communicate authorization via a JSON Web Token. This JWT contains important information about the caller, such as the username, SID, time-related information, as well as where the request is originating from. JSON is insecure by default and the JWT is easily unpacked to reveal the contents of the JWT. So, how does this apply to SharePoint? If you’ve followed what I do for any period of time, you’ll
Continue Reading →

SharePoint 2010 September 2014 Cumulative Updates

The September 2014 Cumulative Update for SharePoint 2010 has been released. SharePoint Foundation:  SharePoint Server 2010: http://support.microsoft.com/kb/2883103 Project Server 2010: http://support.microsoft.com/kb/2883006 Office 2010 September 2014 Cumulative Updates: http://support.microsoft.com/kb/2995904
Continue Reading →

SharePoint 2013 September 2014 Cumulative Updates

The September 2014 Cumulative Update for SharePoint 2013 has been released. SharePoint Foundation: http://support.microsoft.com/kb/2883087 SharePoint Server 2013: http://support.microsoft.com/kb/2883068 Project Server 2013: http://support.microsoft.com/kb/2883072 Office 2013 September 2014 Cumulative Updates: http://support.microsoft.com/kb/2995905
Continue Reading →

Streamlined Topology Performance

The Streamlined Topology is the ‘hot new thing’ with regards to SharePoint topologies. While the guidance is written for SharePoint 2013, it can be used with SharePoint 2010 as well, with the exception of the Very Low Latency tier. The explanation of this topology is that it provides better performance with low latency for end-user facing services. Let’s demonstrate the Streamlined Topology performance! This scenario should appl
Continue Reading →