10 Replies Latest reply on Feb 21, 2017 3:39 AM by trilogy1000

    WebDirect Login by URL

    ChristofferRexen_1

      Hello everyone

       

      So, currently battling my way through a new request from a customer.

       

      I set up a database, available through WebDirect, which the customer would like to log into through a unique loop, although is this possible?

       

      I know it is possible if the client has installed FM, through, let's say, a URL created like this:

      FMP://Test:Friend123456@192.168.2.8/DATABASESAMPLE

       

      Although, what does this URL look like, if I want the client to open the database through a browser / WebDirect?

       

      I tested some, but all I seem to get is this message.

       

      "Database not available"..

       

      Could someone point me in the right direction?

        • 1. Re: WebDirect Login by URL
          user19752

          User:password@ part is not supported in the URL of WebD.

          There may be examples that implement auto-login using a script parameter.

          3 of 3 people found this helpful
          • 2. Re: WebDirect Login by URL
            Johan Hedman

            http(s)://<host>/fmi/webd#<Database Name>?script=<Script Name>&param=<Script Parameter>&<$Variable Name>=<Value>

             

            Are all things you can add to a login to WebDirect. You cannot use password and username to get in directly to your WebDirect solution. You can log in as Guest without login, but that is not a secure way to store your data.

             

            There are different ways to log in as a Guest and then show users a layout where they enter Username and Password into two different fields that you then check against a table inside your solution if you grant them access or not. That is still not something I would recommend.

            1 of 1 people found this helpful
            • 3. Re: WebDirect Login by URL
              ChristofferRexen_1

              Thanks for the quick replies both of you.

               

              Now, since User:Password@ is not supported for a direct login to WebDirect, is there a better and recommended 'safe' approach to this?

               

              If even possible?

              • 4. Re: WebDirect Login by URL
                Johan Hedman

                There is no 100% safe alternative if you do not want to use FileMaker's own login and get directly into your database. You should always have a safe solution using WebDirect with preferably unique username and password for each user.

                • 5. Re: WebDirect Login by URL
                  mikebeargie

                  I want to reiterate Johan's comment that there is no 100% "safe and secure" method of doing an auto-login via URL.

                   

                  That said, there ARE ways of doing an auto-login. The least secure and definitely NOT recommended way is to pass the plaintext username and password as parameters in the URL that are handled by the login script.

                   

                  Currently, my preferred method is to use PHP-based CWP to create a "handshake" by:

                  1) Writing an encrypted packet into FileMaker via CWP (I use AES256)

                  2) receive the UUID of the newly created FileMaker record back to CWP

                  3) redirect to FileMaker WebDirect using the UUID as a URL parameter

                  4) FileMaker takes UUID, decrypts matching packet, and performs re-login action. (plugin required to decrypt AES256)

                   

                  Using this method I can handshake either a generic user account, or support multiple accounts.

                  1 of 1 people found this helpful
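The handshake outlined in reply 5, modelled as an added example that is not part of the thread and not mikebeargie's code. Assumptions: an in-memory `Map` stands in for the FileMaker handshake table, AES-256-GCM is the chosen mode (the post only says AES256), the single-use and 60-second expiry rules are additions, all function names are hypothetical, and the redirect follows the WebDirect URL format quoted in reply 2.

```javascript
// Added example: a model of the UUID handshake, not FileMaker or CWP code.
const crypto = require('crypto');

const KEY = crypto.randomBytes(32);   // AES-256 key known to broker and login script (assumption)
const TTL_MS = 60_000;                // assumed lifetime of a handshake record
const handshakes = new Map();         // stands in for the FileMaker handshake table

// Steps 1-2: store the encrypted packet and return the new record's UUID.
function createHandshake(account, password, now = Date.now()) {
  const uuid = crypto.randomUUID();
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', KEY, iv);
  cipher.setAAD(Buffer.from(uuid));   // bind the packet to its own record id
  const body = Buffer.concat([
    cipher.update(JSON.stringify({ account, password }), 'utf8'),
    cipher.final(),
  ]);
  handshakes.set(uuid, { iv, body, tag: cipher.getAuthTag(), expires: now + TTL_MS });
  return uuid;
}

// Step 3: redirect URL; only the opaque UUID travels, never the credentials.
function redirectUrl(host, database, script, uuid) {
  return `https://${host}/fmi/webd#${encodeURIComponent(database)}` +
         `?script=${encodeURIComponent(script)}&param=${encodeURIComponent(uuid)}`;
}

// Step 4: what the re-login script does with the UUID. Returns credentials or null.
function redeemHandshake(uuid, now = Date.now()) {
  const rec = handshakes.get(uuid);
  if (!rec) return null;              // unknown or already used
  handshakes.delete(uuid);            // single use: a replayed link finds nothing
  if (now > rec.expires) return null; // stale link
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', KEY, rec.iv);
    d.setAAD(Buffer.from(uuid));
    d.setAuthTag(rec.tag);
    const plain = Buffer.concat([d.update(rec.body), d.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch {
    return null;                      // tampered packet or wrong key
  }
}
```

The URL ends up in browser history and server logs, which is why the model deletes the record on first lookup and refuses it after the expiry time.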
                  • 6. Re: WebDirect Login by URL
                    trilogy1000

                    "The least secure and definitely NOT recommended way is to pass the plaintext username and password as parameters in the URL that are handled by the login script."

                     

                    I understand the risks involved with this but I'm still interested in how you write a script which can accept a username/password as parameters and login to a solution.

                    I'm currently working on an internal system for which an auto-login is my preferred option. Passing parameters to an opening script and getting to the correct layout are straightforward but I don't see any script step which could bypass the FMP login dialog.

                    • 7. Re: WebDirect Login by URL
                      mikebeargie

                      You set the file to auto-login with a guest account or other account, then have the OnFirstWindowOpen script run the re-login script step.

                      1 of 1 people found this helpful
                      • 8. Re: WebDirect Login by URL
                        user19752

                        The trigger won't take a script parameter, so you need script=reloginscript in the URL.

                        1 of 1 people found this helpful
                        • 9. Re: WebDirect Login by URL
                          mikebeargie

                          https://fmhelp.filemaker.com/docs/15/en/fm15_webdirect_guide.pdf

                           

                          Page 28 of the guide.

                           

                          Sorry, instead of OnFirstWindowOpen, specify a script to run and pass parameters to it.

                           

                          script=reloginscript

                           

                          He did not specify that “reloginscript” is the name of the script you have to log in.

                          1 of 1 people found this helpful
                          • 10. Re: WebDirect Login by URL
                            trilogy1000

                            Yes, I understand with regard to passing the parameters to a designated script via the URL, thanks. I have a test project here which works fine passing parameters to scripts.

                             

                            Having looked a little deeper at the available security options, the fact that Guest access can be locked down so granularly really sorts the problem for me anyway. It is good to know about this though in case it arises again (I can see about a million instances where it may).