
Looking For Security Advice


This topic is 6519 days old. Please don't post here. Open a new topic instead.


I need to develop a timeclock solution in FileMaker. We have multiple sites, with one primary site with approximately 500 users and 2 remote sites with approximately 50 users each. The network connections from the remote sites to the primary site are relatively low-bandwidth and high lag.

What I'm leaning towards is setting up a client side file that would be distributed to each user's computer. When opened, this file would connect to the appropriate server and import any updated information. The user would enter their time and associated details, and when closing the file and/or via a button, copy the records they've created back to the server.

So far, so good. Where I'm having problems planning this is in handling the security. Our employee list changes relatively frequently, and I need to keep track of who each employee's manager is, as well as other information (department, location, etc.)

I want to use a separate username and password for every user, with the majority of users having identical privileges. And I need this to be manageable from a central location, with updates pushed out to the client every time it opens. So keeping user info in the client file is not feasible, unless I can force updates to it whenever the file is opened.

Does anyone have any suggestions? I can use a table that's kept current on the server, and then have that information pushed to the client whenever the client is opened. That lets me use all the related data along with the username, but I'm really not sure how to authenticate users in this scenario.

Link to comment
Share on other sites

I don't really see a good reason here for trying to keep a data file on the client computers. It's much easier to manage everything if it's all kept in a central database. This way you can manage the accounts (either within FileMaker, or using an external authentication server), and make tweaks to the scripts and structure without having to push out a new version to the client workstations. Just set up a simple opener file on the client workstations that opens the main file on the Server.

The main trouble I see you running into is that Server 8 is limited to 250 concurrent sessions. If you have more than 250 computers out there, some of them could have trouble logging in.

Link to comment
Share on other sites

The user limit is exactly the reason I'm leaning towards having a client file. With this method, the only connection to the "master" database on the server is when the client is opened (to get updates) and when the user needs to "save" their entered time, either forcing it by clicking on a button or closing the file.

The userbase demands that they be able to leave the application open all day, and if I leave everything on the server, we'll very quickly run into problems of some users not being able to connect.

I don't expect many updates to the UI or logic in the client side of the system; it would mainly be just data that changes, and those updates seem to go quick enough over a network based on a few tests that I've run.

Link to comment
Share on other sites

Interesting.

I am not sure what you're trying to keep track of here, what type of time. But you may need to use FileMaker Server so you can base times on the Server's clock and not the workstation clock that the user can manipulate.

If you employ FileMaker® Server 8 Advanced, you can get 100 additional connections via Instant Web Publishing. That will of course put a heavy load on the Server; however it is doable.

Please keep us posted here.

Steven

Link to comment
Share on other sites

We are using FM Server 8 Advanced.

Though I just realized that I don't know how to implement my original plan, assuming it's possible. I realized that my initial plan was flawed regarding getting data from the client file to the server. Since there will be hundreds of client files, I can't realistically set up file references for them all and maintain them. I can have the client file pull an update from the server, but I can't find a way to have it push an update *TO* the server. I was originally thinking of having a script in the client run a script on the server to import from the client, but realized that I don't know of a way to define the connection on the server to tell it where to get the data from (since there will be hundreds of clients).

As far as what this whole tool is supposed to capture, it's simply time an employee worked on a given project, and what they did for that time. This data is then formatted into a specific string, and exported into my company's accounting tool. A simplified example of a record would be something along these lines:

John Doe, 09/20/2006, 12345, 987, 1.5

Where 12345 is the project number, 987 is the activity code, and 1.5 is the time in hours worked.

So, unless someone can instruct me on a way to have the server pull data from the client, I'm back to just using a separation model (which I have not done before). I'm hoping that doing this will at least lighten the load on the server a bit, since the client would be executing scripts and what-not locally. I will end up needing to run 2 servers in my location, plus the 2 remote servers, and plan on having the data on all of them synch overnight. The server at my location will be the "main" server, and most administrative tasks will be handled on it (updating certain records such as user records, job records, etc.) as well as running the export to our accounting system.

On a side note, I may try to have this FileMaker tool push the data directly to the accounting package we use via ODBC. That's fairly low on the list of features, though.

Link to comment
Share on other sites

This has moved out of the security realm and into the architecture realm.

I would generally say that I believe the concept of having all these files on the client machine is not a good architectural construct for this system. And this has nothing directly to do with The Separation Model™ as that construct refers to the separation of logic and presentation from data, not to the physical separation of files between client and server.

Simply have the time records in a table in a file on the server. User authenticates and enters a new time record. You can set this up so that it logs the date, time, IP address, MAC address, account name, etc. etc. of the user. Authentication can be managed via Active Directory.

Each time record has fields for your required data elements: project number, task code, time, etc.

When user is through with logging time, they either log out or they create a new time record for a different project, task, etc.

I really believe you are making this far more complex than it needs to be. You can have up to 250 FMP clients and 100 IWP clients all accessing this simultaneously. Or you can set up Custom Web clients.

Steven

Link to comment
Share on other sites
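
The server-side recording described in the last reply, as an added example that is not part of any post and is not FileMaker script: the account, timestamp and client address come from the authenticated session and the server clock, never from fields the client submits. The `session` and `form` dictionaries, the reference sets and the display-name lookup are assumptions; Python is used only to show the logic.

```python
from dataclasses import dataclass
from datetime import date, datetime, timezone

# Constructed reference data standing in for the server's project/activity tables.
PROJECTS = {"12345"}
ACTIVITIES = {"987"}

@dataclass(frozen=True)
class TimeRecord:
    account: str         # taken from the authenticated session
    logged_at: datetime  # server clock, not the workstation clock
    client_ip: str       # peer address as seen by the server
    work_date: date
    project: str
    activity: str
    hours: float

def record_time(session, form, now=None):
    """Build a time record server-side from a session and a submitted form."""
    if not session.get("authenticated"):
        raise PermissionError("user is not authenticated")
    now = now or datetime.now(timezone.utc)
    project, activity = str(form.get("project")), str(form.get("activity"))
    if project not in PROJECTS or activity not in ACTIVITIES:
        raise ValueError("unknown project number or activity code")
    hours = float(form.get("hours", "nan"))
    if not 0 < hours <= 24:  # also rejects NaN and infinity
        raise ValueError("hours must be in (0, 24]")
    work_date = datetime.strptime(form["work_date"], "%m/%d/%Y").date()
    if work_date > now.date():
        raise ValueError("work date is in the future by the server clock")
    # Identity, timestamp and address never come from the form, so any
    # 'account' or 'logged_at' keys a client sends are simply ignored.
    return TimeRecord(session["account"], now, session["peer_ip"],
                      work_date, project, activity, hours)

def export_line(rec, display_names):
    """Format a record like the sample export line quoted in the thread."""
    return (f"{display_names[rec.account]}, {rec.work_date:%m/%d/%Y}, "
            f"{rec.project}, {rec.activity}, {rec.hours:g}")
```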
