Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
712:cms_sharepoint_online [2025/09/15 14:55] – created - external edit 127.0.0.1712:cms_sharepoint_online [2025/12/15 15:25] (current) Policnik, Florian
Line 22: Line 22:
 </cms-type> </cms-type>
 </code> </code>
 +
 +
 +===== Features: Download file and open in SharePoint Online  =====
 +
 +This integration provides users with two ways to access a file: Download the file via Stages and open it in SharePoint Online.
 +  * Download via Stages: Stages handles the download for the user. To ensure SharePoint Online file permissions, the user must authenticate via Stages. This behavior can be overwritten by the ''use.system.account.for.download'' setting (see below).
 +  * Open in SharePoint Online: The user is taken to the file in SharePoint Online. User authentication is handled by SharePoint Online. If the link is to the latest version of the file, SharePoint Online will typically offer an editor such as Word Online. If the file in Stages is fixed to a specific revision, SharePoint Online will offer a download or a read-only view of the file. This depends on the file type.
 +
 +The default option is download and can be changed by ''preferred.file.access'' setting (see below).
 +
  
 ===== Host Properties ===== ===== Host Properties =====
Line 38: Line 48:
   * Links: [[https://portal.azure.com|Microsoft Azure Portal]]   * Links: [[https://portal.azure.com|Microsoft Azure Portal]]
  
-> client.secret ** * **+> client.secret ** * ** //(required if no keystore file is provided)//
  
   * Description: The client secret, which can be generated after registering the stages application at the Microsoft azure portal website.   * Description: The client secret, which can be generated after registering the stages application at the Microsoft azure portal website.
   * Links: [[https://portal.azure.com|Microsoft Azure Portal]]   * Links: [[https://portal.azure.com|Microsoft Azure Portal]]
 +
 +> client.certificate.keystore.file //(since Stages 7.12.3.0, required if no client secret is provided)//
 +
 +  * Description: Path to the keystore file with private key and certificate to authenticate with Azure. Path can be absolute or relative to Stages installation directory.
 +
 +> client.certificate.keystore.password //(since Stages 7.12.3.0, required if no client secret is provided)//
 +
 +  * Description: Password for the specified keystore file.
 +
 +> client.certificate.key.alias //(since Stages 7.12.3.0, required if no client secret is provided)//
 +
 +  * Description: Alias of the private key / certificate entry in keystore file.
 +
 +> client.certificate.key.password //(since Stages 7.12.3.0, required if no client secret is provided)//
 +
 +  * Description: Password of the private key / certificate entry in keystore file.
  
 > tenant.id ** * ** > tenant.id ** * **
Line 68: Line 94:
   * Default Value: Document   * Default Value: Document
   * Description: Name of the **document**  content type. Sharepoint supports multiple content types but stages only supports the default type for documents.   * Description: Name of the **document**  content type. Sharepoint supports multiple content types but stages only supports the default type for documents.
-  * Since Stages 7.5.6.2, 7.6.2.4 and 7.7.0.0 it is possible to define multiple content types. Separate them with a #. For example:+  * It is possible to define multiple content types. Separate them with a #. For example:
  
 <code xml> <code xml>
Line 79: Line 105:
   * Description: The second content type which is supported by stages.   * Description: The second content type which is supported by stages.
   * Known Issue: Typo in Default Value. Has to be Link to a **D**ocument   * Known Issue: Typo in Default Value. Has to be Link to a **D**ocument
-  * Since Stages 7.5.6.2, 7.6.2.4 and 7.7.0.0 it is possible to define multiple link types. Separate them with a #. For example:+  * It is possible to define multiple link types. Separate them with a #. For example:
  
 <code xml> <code xml>
Line 90: Line 116:
   * Description: When set to true, files will be downloaded using the system account.   * Description: When set to true, files will be downloaded using the system account.
  
-sites.selected.scope (since Stages 7.10.7.0)+ 
 +preferred.file.access 
 + 
 +  * Default Value: download 
 +  * Description: When set to ''link'', the user will be linked directly to SharePoint OnlineThe download option can be chosen from the sub-menu. 
 + 
 +> sites.selected.scope
  
   * Default Value: false   * Default Value: false
Line 96: Line 128:
  
  
-==== Proxy configuration (since Stages 7.10.10.0) ====+==== Proxy configuration ====
  
 Stages can communicate with SharePoint Online through a proxy. Fill in the ''proxy.scheme'', ''proxy.hostname'' and ''proxy.port'' host properties to use a proxy. Otherwise no proxy is used. Stages can communicate with SharePoint Online through a proxy. Fill in the ''proxy.scheme'', ''proxy.hostname'' and ''proxy.port'' host properties to use a proxy. Otherwise no proxy is used.
Line 187: Line 219:
 {{ :cms:azure_permissions.png?direct }} {{ :cms:azure_permissions.png?direct }}
  
-=== Recommended option: Application and delegated permission Sites.Selected (Since Stages 7.10.7.0) ===+=== Recommended option: Application and delegated permission Sites.Selected ===
  
 To active this option the setting ''sites.selected.scope'' has to be set to ''true'' in the xml host properties: To active this option the setting ''sites.selected.scope'' has to be set to ''true'' in the xml host properties:
Line 258: Line 290:
 ==== Certificates & secrets ==== ==== Certificates & secrets ====
  
-It is required to generate a client secret for Stages. It's recommended to choose expire never or a long duration. If the secret expires it must be changed in Stages and all users have to re-authenticate.+It is required to generate a client secret or certificate for Stages.  
 + 
 +=== Client Secret === 
 + 
 +It's recommended to choose expire never or a long duration. If the secret expires it must be changed in Stages.
  
 [[https://doc.stagesasaservice.com/lib/exe/detail.php?id=74:cms_sharepoint_online&media=cms:azure_certificates_secrets.png|{{:cms:azure_certificates_secrets.png}}]] [[https://doc.stagesasaservice.com/lib/exe/detail.php?id=74:cms_sharepoint_online&media=cms:azure_certificates_secrets.png|{{:cms:azure_certificates_secrets.png}}]]
 +
 +Client secret can be specified like this:
 +
 +<code xml>
 +<cms-property name="client.secret" value="xxxxxx" />
 +</code>
 +
 +
 +=== Certificates (Since 7.12.3.0) === 
 +
 +It is possible to use certificates instead of client secret. A [[https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-self-signed-certificate|certificate has to be generated]] and added to Azure configuration. A keystore file with private key and certificate has to be configured in Stages:
 +
 +<code xml>
 +<cms-property name="client.certificate.keystore.file" value="conf/sharepointonline.pfx" />
 +<cms-property name="client.certificate.keystore.password" value="keystorepassword" />
 +<cms-property name="client.certificate.key.alias" value="myalias" />
 +<cms-property name="client.certificate.key.password" value="keypassword" />
 +</code>
  
 ===== Repository Configuration ===== ===== Repository Configuration =====