WSRP ‘support’ in SharePoint 2013

Web Service for Remote Portlets (WSRP) is a standard for aggregating content within a host system, allowing the content to come from an external system, yet styling to be provided by the host.

SharePoint has ‘support’ for WSRP since SharePoint 2007, via the WSRP Viewer web part (Enterprise), however while it may technically meet the standard it is all but useless for anything except the most basic of requirements (as at the current version, SharePoint 2013).

How WSRP works is, once configured, the host inserts an iframe into the page (to contain the portlet), with the source of that iframe pointed back to a proxy running on the host server itself. This allows the host server the opportunity to intercept and rewrite the requests and responses, for example style sheets from the host server can be injected, and page resources (such as images) can also be rewritten to point to the proxy.

Limitations with SharePoint:

* The code implementing the WSRP consumer (there is no producer support) appears to have been simply translated from Java, still contains many Java features/conventions, and isn’t very responsive.

* It does not work in SharePoint Online. In SPO, the WSRP Viewer web part is available, and can actually be added to a page, but there is no way to configure it to display anything. Configuration requires updating an XML file in ‘C:\Program Files\Microsoft Office Servers\15.0\Config’, which simply isn’t possible in SPO. See

That means you need to have an full installation; it is an Enterprise feature, so you require an Enterprise version.

* Resource redirects do not work. Requests for resources from the proxy pages, such as images, fail with a security error unless the target authority (host name + port) is added to a list of allowed redirection servers.

These can be added to the configuration file with the undocumented <RedirectServer> element (repeating for each server), which gets past the security issue, however it still doesn’t work because the proxy page never sets the content type, leaving it at “text/html”. This means images aren’t displayed, scripts won’t be run, etc, all because they have the wrong MIME type.

This is probably why the configuration is undocumented. The feature was simply never completed.

* Portlets can’t be easily styled. While SharePoint does inject a style sheet into the rewritten content, it is hard coded to “/_layouts/1033/styles/core.css” (varying by language), with no way to configure.

This means it has SharePoint styling, but to style with any kind of site branding you would need to do something like directly edit the CSS file in the LAYOUTS directory, which I strongly advise against due to maintainability issues.


The few features that the WSRP Viewer part does have in SharePoint include that it can be integrated with the Secure Store for trusted subsystem style authentication. The <SsoApplication> element needs to be configured with the name of the Secure Store application that holds the credentials.

These credentials, if present, are then used as the network credentials for accessing the external (source) system. The WSRP Viewer can either be anonymous, or if configured to use the current user, it will pass through the Name property of the current SharePoint user in the <UserContext> element, userContextKey attribute, in requests to the source system. There is no way to configure this except turn it on or off.

There is also another undocumented configuration option where you can add <RegistrationProperty> elements, with Name and Value attributes, to the producer, which appear to be used as name/value pairs passed through to the RegistrationURL, if used. (I have not tested this, so it may not work.)


In a pinch, WSRP could be used to display some plain text in an installed Enterprise environment, but you will very quickly hit limitations with customisation to the point that a plain iframe (Page Viewer web part) would generally do just as well.

I would recommend against changing the core.css style sheet in the LAYOUTS directory, but if your organisation is strongly committed to WSRP and you don’t mind a maintenance nightmare with SharePoint, then you could test to see if it works. (I haven’t yet).

Bottom line — WSRP isn’t really supported in any practical way.

Leave a comment

Vote Compass

So, usually I blog about technology, but it’s about time I added a bit of social commentary.

A cool feature of the recent Australian Federal Election was the ABC Vote Compass. Here it is, showing where the major political parties are placed:


This concept, of plotting both the economic and social position of politics, has been around for a while, e.g. the Political Compass or Political Quiz (note: both of these have the Y-axis the other way around, so you have to swap top-bottom to compare to the ABC Vote Compass).

It also shows why none of the major Australian political parties are a good fit for me — I want a mix of the economic right AND social liberalism, I want the social policies of the Greens / Labor, and the economic policies of the Coalition.

The positions of the major parties is something I could never quite understand: why is social liberalism so connected to the economic left, and why is the economic right (economic liberalism) so connected to conservative social policies?

That leaves me to turn to minor parties such as the Liberal Democratic Party (LDP), often with below the line voting (and wishing we had above the line optional preferences).

Leave a comment

XML Logging in the .NET Framework

This was originally going to be some guideline instructions for a CodePlex project, Essential.Diagnostics that I work on, but it ended up being more an opinion piece so I thought it would fit better on a blog.

There are several trace listeners (loggers) in the .NET Framework that can produce XML output. Outputting to XML results in more complex (verbose) files than, say, a simple text file output, but usually has the benefit of being better processed by tools, correlated across tiers, etc.

There are three main XML listeners, plus one extension in Essential.Diagnostics:

  • XmlWriterTraceListener
  • RollingXmlTraceListener (in Essential.Diagnostics)
  • EventSchemaTraceListener (in System.Core)
  • EventProviderTraceListener (in System.Core)

Examples of how to configure and use each one (used to produce the output below) is provided in the Essential.Diagnostics project.
Read the rest of this entry »

, ,

Leave a comment

Windows 8 Developer Preview Safe Mode

In Windows 8 the ‘Safe Mode’ option is not available on the boot with F8 screen, prompting several guides on creating an additional boot entry using BCDEDIT and chaning the properties via the Windows GUI — not much use if your machine has already run into trouble.

Shift+F8 is the secret key that gets the old boot options menu, with ‘Safe Mode’, but you need to hold it down during POST and keep holding it down until the “Advanced Boot Option” screen appears, otherwise you can’t time it right (unlike F8, or F10 below, which you just hit at the beginning of the boot).

Also the Edit Boot Options menu, available via boot with F10, is still available, and that allows low level control of all the boot options.

I couldn’t track down a current reference for the options, but did find one for Windows XP / Server 2003, most of which still appear relevant:

To get the same as ‘Safe Mode with Networking’:

  1. Press F10 while booting
  2. You should get a text screen titled “Edit Boot Options”, with a section “Edit Windows Boot options for: Windows Developer Preview”
  3. There should be an input area that already has “/NOEXECUTE=OPTIN” (in my case it also had “/HYPERVISORLAUNCHTYPE=AUTO”, which I think is because I am running Hyper-V)
  4. Add “/SAFEBOOT:NETWORK” (Note: “/NOGUIBOOT” doesn’t seem to work — it still shows the loading screen, so options like “/SOS” didn’t work)
  5. Hit ENTER to boot

Safe Mode is important for an early Developer Preview like this as drivers issues are much more likely (I ran into problems trying to add the NVIDIA drivers for my Alienware M14x and had to boot into safe mode to uninstall them).

Leave a comment

Comparison of logging frameworks

I added a comparison of the major logging/tracing frameworks for .NET to the CodePlex site for Essential.Diagnostics, to demonstrate how System.Diagnostics stacks up against log4net, NLog and the Enterprise Library.

I also added a performance comparison (the source code is in the CodePlex project if you want to verify the results).

Look at the results for yourself, but I think System.Diagnostics does okay — and the extensions in Essential.Diagnostics (plus others such as Ukadc.Diagnostics and UdpPocketTrace) fill out the gaps compared to log4net and NLog. Similarly on the performance side, all have very little overhead (NLog is a winner on overhead, but does relatively worse on actually writing the messages to a log file).

What about the Enterprise Library Logging Application Block? Well, I just don’t think it does well compared to the others. Sure it was a lot better than .NET 1.0 System.Diagnostics, but a lot of that was added in .NET 2.0 System.Diagnostics (such as multiple sources). In some cases it is worse than what is currently available in the standard framework — e.g. no delayed formatting. This shows up in the performance figures which indicate several magnitudes greater overhead than any of the other frameworks!

I’m obviously biased, but I really think that the best solution is to stick with the standard, out-of-the-box, System.Diagnostics, extended where necessary to fill any gaps (Essential.Diagnostics, etc, for additional listeners, filters & formatting).

P.S. Also check out my guidance on Logging Levels.

Leave a comment

SharePoint 2010 logging levels

According to MSDN “in Microsoft SharePoint Foundation 2010 the preferred method of writing to the Trace Logs is to use the SPDiagnosticsServiceBase class” (

MSDN also provides some guidance on the trace and event log severity levels to use (, however the WriteEvent() and WriteTrace() methods use slightly different enums; the diagnostics logging configuration in Central Administration is slightly different again, and then you have a third set of values accessed by the PowerShell command Get-SPLogEvent.

The table below shows the mapping of levels from these different sources.

Despite the complicated mapping, in general I think things go in the right direction with events writing to the event log and trace log at the same time, and having a high trace level. The distinction between event logging and trace information is also good, with independently set thresholds.

EventSeverity EventLogEntryType TraceSeverity ULSTraceLevel ULSLogFileProcessor
None = 0 None = 0 0 (None) Unassigned = 0
ErrorServiceUnavailable = 10 Error 1 Critical = 1 (or ErrorCritical)
ErrorSecurityBreach = 20
ErrorCritical = 30
Error = 40
Exception = 4
Assert = 6
Warning = 50 Warning 8 Warning = 8
FailureAudit = 60
Unexpected = 10 Unexpected = 10 Unexpected = 10
Monitorable = 15 Monitorable = 15 Monitorable = 15
SuccessAudit = 70 Information 18 Information = 18
Information = 80
Success = 90
Verbose = 100
High = 20 High = 20 High = 20
Medium = 50 Medium = 50 Medium = 50
Verbose = 100 Verbose = 100 Verbose = 100
VerboseEx = 200 VerboseEx = 200 VerboseEx = 200

Read the rest of this entry »

Leave a comment

[Rant] Why are IM/presence networks still fragmented?

Email (well, the majority of it anyway) is one nice standardised SMTP network — any mail server can send to any address, finding each other by the domain. To some degree client protocols are also standardised (IMAP or POP), and although there are exceptions (e.g. Exchange protocol) the servers and clients still generally support the standard protocols as well.

Instant messaging, presence, and related networks are, however, still fragmented.
Read the rest of this entry »

Leave a comment


Get every new post delivered to your Inbox.