Jump to content
Sign in to follow this  
erostratus

Passing user/password credentials through URL query?

Recommended Posts

I have some CWP pages that need to be accessed via authentication and others that need to be anonymously accessible. The way I understand FileMaker security, I can only accomplish this if I make all CWP access authenticated. Thus, I'd like to submit the username/password for the anonymous CWP pages for the user (so that they do not have to enter this information), but I'm not sure how to do it. I was hoping there was a way to do it directly in the URL query (we don't care if people can read this information), as I don't understand how to pass the data between XSL pages. If anyone has any tips, it would be greatly appreciated.

Share this post


Link to post
Share on other sites

The way I understand FileMaker security, I can only accomplish this if I make all CWP access authenticated.

Well, not exactly. If the Guest Account is the only Account allowed CWP access then the user is never challenged for credentials from the initial web page link. However, if other Accounts are allowed CWP access, then the user would have to make a selection.

One way to address this is to have two separate gateways to the web hosted files. One has only the Guest Account enabled. The other has the Guest Account disabled. Use the former for the Guest link (e.g. Click here to access the database). Use the latter for the authenticated link (e.g. Members log on here).

There is also a short White Paper found here that might assist you.

HTH

Steven

Share this post


Link to post
Share on other sites

Huge help. Thanks. I finally got it.

The page I had to worry about is just an XML wrapper for an HTML form page that submits new records. After reading the white paper, I found that if I changed $authenticated-xml-base-uri to 'http://user:pass@localhost' within the layout-uri variable, then I could bypass the default FMP Server authentication. That's all I needed.

Thanks again for your help.

Share this post


Link to post
Share on other sites

Very welcome.

Be careful of the security implications of this. And please note that some browsers may behave diffrently.

Steven

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

By using this site, you agree to our Terms of Use.