Jump to content
Sign in to follow this  
Darren Emery

How to create a "secure" opener file?

Recommended Posts

Our in-house solution is growing and adding end users left and right, and I think it's time for an opener file that can be shared with new end users. I've hit a roadblock with this simple idea, and either its pointing to my lack of understanding of FM security, or perhaps what I want to do is not possible.

 

The FileMaker Support article on this issue indicates that an opener file is for guest access.  I would like to use an opener file for all end users, and allow them to enter name and password once they reach the server hosted file.  But - every way I try to set this system up results in a 661 error message.

 

My logic (internal - certainly could be flawed!) tells me I should be able to create a simple file for each desktop, that opens a hosted DB and then closes.  The problem seems to be that the opener file wants a user name of some type, or guest, and then passes along this info to the hosted DB. The hosted DB kicks out an error message when FM tries to automatically open the file with the stored user name. 

 

I can solve this by creating an opener file with everyone's user name and password, but I'd rather not have to do this with every new end user!

 

What am I missing here?  How is everyone setting up their solutions to start at the end user level?  I can't imagine that solutions are shipped with the instructions to "open remote"?

 

Darren

Share this post


Link to post
Share on other sites

Are you certain you don't mean an opener script rather than file?

Share this post


Link to post
Share on other sites

If I understand you correctly. You should be able to set the opener file to open without a login request. Go to file option (file menu I think) and check login as guest.

Share this post


Link to post
Share on other sites

Don't use the Opener File.  Use a snapshot link instead.  The scenario you describe is the intended purpose of the snapshot link.  When the user clicks it, he or she will receive a credentials challenge (assuming the hosted file is open on the server).  After entering correct credentials, the user is admitted to the file with appropriate privileges.

 

Steven

Share this post


Link to post
Share on other sites

Two options that I employ, 

 

when the file is open go to the File Menu and choose "Send... Link to database." from there you should have you email client open with the URL to the file.

you can copy and paste that url in to your browser and at least on mac before hitting enter you can grab the favorite icon and drag that to the desktop.

this creates a shortcut to the database - were you are challenged for the password.

 

Alternatively you can create a very basic database that lives on the local computers desktop - there you could add basic branding when it opens then its startup

script is to OPEN URL with the same URL from above then closes the file.

 

The latter version the file name is .fmp12 vs some browser extension .webloc - and the ICON is a FMP icon vs a url shortcut icon.

Share this post


Link to post
Share on other sites

Re: "I can solve this by creating an opener file with everyone's user name and password, but I'd rather not have to do this with every new end user!"

 

Every new end user will have to have credentials set up—or at least assigned, if you use shared credentials such as Staff, or Accounts Staff—for the target file anyway, so I'm not sure I see the problem. The opener file should have the same set of accounts as the target file, and should be where users actually log in—your log in script will then carry over the credentials they enter, log them into the target file, and lastly close the opener file.

Share this post


Link to post
Share on other sites

Don't use the Opener File.  Use a snapshot link instead.  The scenario you describe is the intended purpose of the snapshot link.  When the user clicks it, he or she will receive a credentials challenge (assuming the hosted file is open on the server).  After entering correct credentials, the user is admitted to the file with appropriate privileges.

 

Steven

 

This sounds like a great solution - however - when I try this, I still get a FMServer error message, indicatiing authorization failed, before I try to log in:

 

FileMaker Server 13.0v5 on COMV3FM reported the following event:

2015-01-12 08:34:54.088 -0600 Warning 661 COMV3FM Client "Emery (ID2444) [172.zzzz]" authentication failed on database "Launch Pad.fmp12" using "Emery [fmapp]".

 

It seem like the system is logging me in automaticly, with incorrect information.  Any ideas?

Re: "I can solve this by creating an opener file with everyone's user name and password, but I'd rather not have to do this with every new end user!"

 

Every new end user will have to have credentials set up—or at least assigned, if you use shared credentials such as Staff, or Accounts Staff—for the target file anyway, so I'm not sure I see the problem. The opener file should have the same set of accounts as the target file, and should be where users actually log in—your log in script will then carry over the credentials they enter, log them into the target file, and lastly close the opener file.

 

The issue is that this opener file is not a hosted DB, it lives on each user's desktop, so every time we add a user, I have to send out a new file, with new credintials, AND add the new user to all of the hosted files.  I'd like to limit my work where possible. 

If I understand you correctly. You should be able to set the opener file to open without a login request. Go to file option (file menu I think) and check login as guest.

This is exactly what I would like to do, but it seems that I have to have the users log in somehow, even if "log in using" is not checked.  If they log in as guest, that info is sent upstream, and an error message kicks back when they try to log into the hosted solution as guest. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Who Viewed the Topic

    1 member has viewed this topic:
    anteas 
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.