I think that I solved it. The script protocol that seems to be working is this:
It seems important to NOT use the "%20" to cover spaces in the account name or password; it didn't work when I used that.
Also, Apply configurator automatically edited the script protocol when I save the configuration profile; I had to re-open-it and edit it and re-save it in order to make it stick.
It's only gone through 10 minutes of testing, but it seems to work. If anyone has any further thoughts, I'd much appreciate it, but this seems to be working : )
I'm aware that if the IOS device falls into the wrong hands it's possible the database could be compromised;
What about the account details being sent across the wire in plain text. Is that OK too?
Couldn't say. I'd much appreciate your thoughts on that. Would you say that the majority of top Filemaker developers would never adopt this practice? Say, platinum level folks? I'd not like to do anything that would jeopardize the database, or that wouldn't be in keeping with the standards of the top developers. Thanks!
Lots of users complain about having to type their credentials, however, they are usually being paid to do so.
You will need clear instructions from a person who has responsibility before you proceed to over-ride the built-in security mechanisms provided by the software.
If you do get the go-ahead try to create a secure shortcut:
Deliver a fmpro file which is used solely as an opener for the remote file. Your web config file can point to this file. It can be delivered empty. On first run it prompts for a user name / password. It then creates a user account within itself and uses that to open the remote file. Subsequently, it will open up the remote file using the credentials stored within it.