Security Concepts

UI Integrity and Related Security Items

Sun, 07 Mar 2010 15:59:39 GMT

A proper understanding of the proper relationship between file UI and data security is an important item for FileMaker Pro developers.

I would recommend a review of FileMaker Tech Info 5671 found at thefmkb.com/5671.

Steven

Secure my admin pages

Thu, 04 Mar 2010 18:06:11 GMT

I have a xsl page that contains a list with all the records in my database. This is a public page that everyone can view without logging in. For this I've enabled the guest account.

I've also created xsl pages to edit the list. But when my user gets to these pages, they are automatically logged in as guest. How can I force the login window so that they can get more rights. I've searched the net and this forum and what I find is that I need to initiate a script to switch user account but this scriptstep is not compatible with the web.

How can I setup a security concept that allows me to do this.

Sharing account information between 2 files ?

Thu, 04 Mar 2010 17:17:57 GMT

Hi !

I have 2 different files on server. Is it possible to some how pass user information from one file to another ? I mean that account is created to both files with one session and both shares the account privileges etc. Is possible to use a third file ("Personnel file") that contains that information and is used by the other two ? I have no idea how to use "External authentication"...

Thank you in advance !

Report showing only objects created by the current user

Thu, 25 Feb 2010 09:47:46 GMT

I want that users see only the objects they have created in a given table. For that I've set custom priviledges for the records in the users' priviledge set such that there is a limited access for viewing, editing and deleting according to the calculation:

CreatedBy = Get ( AccountName )

where CreatedBy is a global field populated at startup with the function Get(AccountName). This means that the current user sees only the entries he has created in that table.

However, when viewing a list view report on that table the current user sees all the fields he didn't create. These fields have the value:

Keeping that priviledge set route, is there a way to have those fields totally hidden, i.e. just having these entries removed rather than showing ?

File Maker Pro 10 Adding Passwords to Converted Documents?

Thu, 18 Feb 2010 22:31:57 GMT

Hi everyone. I'm new to the FM Forums but I appreciate any help you all can offer. Also, I apologize if this issue is addressed in another thread, but I searched and couldn't find it.

Here's the deal: I've recently upgraded an installation of File Maker Pro 6 to File Maker Pro 10. I have four databases that are used regularly in my company. After converting them all from the 6 format to the 10 format, two have spontaneously started requiring password in order for me to write to them. I can open the file as a "guest" and view it to my hearts content, but I cannot make alterations to it because it requires a password.

The two documents that now require passwords have never had a password on them at any point in their existence.

Has anyone has any experience with this? It's driving my (and my administrative staff) crazy!

Any help you can offer would be much appreciated!

disable creation and deletion of portal row

Sun, 07 Feb 2010 11:56:58 GMT

Hi all!
I have a record with portal and if it will be locked the edit,modify and delete will disabled to every fields by user privileges. And if record locked the portal rows still can be created and deleted. So the record not fully protected. I can't set portal rows creation and deletion to limited because available possibilities just 'yes' and 'no'.

If record is locked existing portal rows edit is disabled too (it's good).The question:
How can I disable portal rows creation and deletion if any field is fully protected?
(just in locked records, new records must have full acces)

Thank you in advance.

If you a portal professionals please read my question in 'portal to portal' topic because the problem still exsist.
http://fmforums.com/forum/showpost.php?post/349769/

Quick question on RLA functions

Fri, 05 Feb 2010 18:37:04 GMT

Hi,

I'm totally a newbie in Access & Privileges. Is there a function that checks if the user can create a record of a given table?

Something like Get (RecordCreationAccess)

Thanks

Data Encryption Question

Wed, 03 Feb 2010 19:03:31 GMT

We are looking at a couple of plugins for encrypting a client's data. The Blowfish plugin from Sky Dancer looks promising.

I'm wondering where folks choose to store the encryption key. We can't have the operators having to type in a key each time they need access to the data.

I'm sure there are resources that I should look at for best practices. Any advice or direction for what should be read for this would be much appreciated.

Thanks.

Lock Record After Status Change

Wed, 03 Feb 2010 15:18:06 GMT

I've got an order entry system in Filemaker 8.5. Each order has a status. After the status is changed to "billed", I'd like to be able to lock the record so it is viewable only and cannot be edited.

I do have 2 privilege sets created -- Staff and Admin. I'd like the Admin to be able to still edit the record if necessary, but it to be totally locked by the Staff.

Is there a way to lock the record based on the status of the order?

Record Level Access

Tue, 02 Feb 2010 13:57:03 GMT

Hi Everyone,

Not to beat this topic to death, but I keep hitting the wall on this one. I understand using the auto-entered Get(AccountName) with the Extended Privileges to allow the record creator to view, edit and delete their own records. Here is where I am am stuck.

Let's say Allison, Ann and Alexander are in Group A, and Bob, Brandon and Bailey are in Group B.

Is it possible for Allison to create a record that can also be viewed or edited by the two other members of her group (Ann and Alexander), while restricting access to all members of Group B? In other words, I wanted each user to be able to create, edit and view their own records, but also flag the record with their appropriate group so that it can be viewed or edited by anyone in the same group.

I have experimented with a Users Table, but have read here that it's not a good idea to use one for this purpose. It would not be used for authentication, but possibly RLA. Is this the route to take?

Not sure if it complicates matters or not, but I will be using External Authentication as well.

Suggestions, anyone?

David

PS (I have search the forum for Record Level Access, and have read the discussions)