Sitecore.Services.Client / Entity Service Allowed Controllers

By default any Entity Service controllers you create abide by the Sitecore.Services.SecurityPolicy setting within the Sitecore.Services.Client.config. By default this is set to Sitecore.Services.Infrastructure.Web.Http.Security.ServicesLocalOnlyPolicy making the service safe and controllers only availably locally. This will cause issues if you call your controller in a live environment outside of the local environment as it wont be accessible.

Allowed Controllers

You can patch this setting to enable all controllers, but this is not a recommended practice, as this will open all controller endpoints to the world.

Instead SSC has the idea of allowedControllers. This section within the Sitecore.Services.Client.config allow you to patch in controllers that are exempt from the ServicesLocalOnlyPolicy setting. This section allows fine control over exactly which controllers are available externally.

Using the allowed controllers setting doesn’t mean you have to sacrifice all security on your controller. After patching in your controllers into the allowedControllers section, you can apply standard authentication filters or Cors to your controller.

Below is an example of a patch file that patches a custom controller into the allowedControllers section. You will also notice many of the Sitecore modules using this allowedControllers section such as xDB and XFM (Shown at the bottom of the page).

Huge thanks to @KevinObee for explaining lots of how SSC works.

Sitecore FXM using allowedControllers

Sitecore SPEAK List Component, Custom Tile and Knockout Databinding

In this post I will walk through using the Sitecore SPEAK List Component using Knockout databinding and a custom tile to create a custom look and feel of the List component. Continue reading

Sitecore Entity Service (SSC) Adding Paging

Recently I did a Sitecore User Group talk on Entity Service (video based on the talk available on Master Sitecore). I was asked there how you could extend Entity Service to including paging instead of using the standard GetAll() function.

Using my method of extending Entity Service and its repository pattern, as explained in this blog post. This blog post will explain how to add a new custom paged function for getting all entities.
Continue reading

Sitecore Entity Service (SSC) Custom Controller Action

Following on from my post on the basics of Entity Service and using the JavaScript API (Entity Service in Sitecore.Service.Client), in this post I will explain how to extend Entity Service Sitecore.Services.Client (SSC) with new controller actions.
Continue reading