3 Replies Latest reply on Jan 25, 2012 3:07 PM by Stephen Huston

    security in a data separation model


      I have just launched a separated-model system with a UI file and a Data file. Currently I have security on both files, with each user account duplicated in UI and Data files.


      This presents a problem if the user changes their password, and then I supply a new UI file to upgrade the system, thus overwriting the new passwords that users created. the users want to be able to create their own passwords.


      Perhaps I should have no security in the UI file and only authenticate in the data file?


      Darren Burgess

        • 1. Re: security in a data separation model

          Absolutely not. Security password change can be scripted. Use that instead of no security on any file.


          -- sent from my iPhone4 --

          Beverly Voth


          • 2. Re: security in a data separation model


            I have my UI files open by default with an anonymous login account and at the first scrip step that touches the data file, the user is asked to enter username / pw.

            When this step passes, the privilege set in the UI is set to the level that that user is assigned to in the data file, when it fails (after 3 attempts), FileMaker will quit.

            This allows me to upload new UI files without any hassle.


            Escapes are built in:

            • when started with CTRL-ALT to start the login popup in the UI and I can enter full access credentials.

            • when opening empty clones, subscript to relogin as developer, using login popup in UI

            • above subscript also has a NIC check to allow direct entry for developers via a locally hosted file.

            1 of 1 people found this helpful
            • 3. Re: security in a data separation model
              Stephen Huston

              Hi Darren,


              I use a similar system to what psijmons describes.


              Set an auto-login account with restricted permissions in the Interface file for your general users. Do all of the data-restrictions in the real individual accounts in the Data file. That way the credentials travel with the Data.


              The only credentials you need in the Interface are a Full Access account for you and a User Account that is used for the auto-login by others.


              You don't want to lose the advantage of the Separation model, being able to substitute a new Interface as needed. If you had to rebuild individual credentials in the interface, it would easily get out of sync if you need to update via an off-site copy of the interface and then swap that file. This is especially critical in vertical market solutions where you have multiple sites using their own copies, and you want them all to swap to an updated interface file as part of your upgrade.


              Stephen Huston

              1 of 1 people found this helpful