7 Replies Latest reply on Aug 6, 2014 11:49 PM by steve_ssh

    Secure XML Imports in Filemaker pro

    apsturk

      Does anyone have any thoughts on this. It's a new area for me and I have 2 database that are in big need to add this ability. 1 is for banking and the other is in the HR feild.

      Thanks a bunch

        • 1. Re: Secure XML Imports in Filemaker pro
          databuzz

          I'm not sure what you asking about specifically but FileMaker Pro v13 lets you import via an HTTP request and supports http and https if that's what you asking?

          • 2. Re: Secure XML Imports in Filemaker pro
            apsturk

            Hey thanks. I read and was told that XML import will not do https and that that is one of the big problems with it. I sure hope I can. It wouldbe like  buying a car only to find out that it has no motor. Most any biz to biz data exchange will be Secure https. So I guess I need to find out for sure if it can in fact Filemaker will do that. Thanks much

            • 3. Re: Secure XML Imports in Filemaker pro
              wimdecorte

              Many ways to skin the cat... The Import script step shows onnly HTTP as an option, but that one assumes that either the receiving XML is already in one of the FM grammars or that you will apply an XSLT on the way in.

               

              The "insert from URL" script step supports HTTPS and lets you receive the XML into a FM field.  From here you can parse it, re-export it to a local location for the import,...

               

              Or you can use one of the plugins to interact with the remote web service.

              • 4. Re: Secure XML Imports in Filemaker pro
                beverly

                Yes, the Insert from URL is the way to go. Once you have the XML (which is only a differently-formatted text), you can do as Wim says.

                 

                Lot's of lovely plug-ins that do some of this for you, especially if you need to do any SOAP transmission (request-response).

                Beverly

                • 5. Re: Secure XML Imports in Filemaker pro
                  steve_ssh

                  Hello,

                   

                  The Insert from URL script step does allow you to specify a HTTPS url.

                   

                  My understanding is that, while the transmission of the HTTPS request/response will be encrypted, FM does not perform a certificate check on the target server to protect against "man-in-the-middle" attacks.

                   

                   

                  Reference:

                   

                  The docs at http://www.filemaker.com/help/13/fmp/en/html/scripts_ref1.36.50.html#1095981  read as follows:

                   

                  https, httpspost, and ftps. FileMaker cannot perform a certificate check to verify that the server that you specify is the server that replies.

                   

                   

                   

                  HTH & Best,

                   

                  -steve

                   


                  • 6. Re: Secure XML Imports in Filemaker pro
                    apsturk

                    Thanks everone for the information, it's been a big help. Ok so about the "man-in-the-midd" thing. What way can I get https xml information that is secure as in perform a certificate check. secure and safe information is a must!!. Also do I need to "drop" this XML into a field before running a style sheet. I will need to do a exchange as all the XML information we will be working with will not be ready for the Filemaker gramer.  Does it have to be in a field of can it be saved to a folder before we work with it. Thanks again, this is a first for me to use XML in Filemaker, so there is lots to read to get prepared for like XSML style sheets and Filemaker gramer. Thanks to all of you I am getting a small head start so I can start with all the stuff I will NEED to look at first.

                    • 7. Re: Secure XML Imports in Filemaker pro
                      steve_ssh

                      Hello Apsturk,

                       

                      Below are a couple of partial answers to your questions which I hope will give you enough information to formulate your next steps/questions.

                       

                      HTH & Best,

                       

                      -steve

                       

                       

                      apsturk wrote:

                       

                      What way can I get https xml information that is secure as in perform a certificate check. secure and safe information is a must!!.

                       

                      A plugin should be able to get the job done securely, including performing the certificate check.

                       

                      One example of a great plugin which can do this is the BaseElements plugin by Goya:  http://www.goya.com.au/baseelements/plugin

                       

                       

                       

                      do I need to "drop" this XML into a field before running a style sheet.   ...   Does it have to be in a field of can it be saved to a folder before we work with it.

                       

                      It is not necessarily the case that you must write the data to a field in one of your tables, though doing so would be a reasonable step in setting up the import scenario. This is because, once the data is saved to a field, you could then use FM scripting to export that data to a local file which could be then be read in as the import data source (as Wim mentioned in his post above).

                       

                      Alternatively, if you are already using a plugin such as BaseElements, you might be able to use other plugin functionality to write to a local file directly, without ever having to store the data in a field.

                       

                       

                       

                      Additional Suggestion Regarding Transactions:

                       

                      If you have not already done so, I'd like to encourage you to do a little research comparing bulk imports of data using the FileMaker import capabilities versus implementing a transactional system.  I mention this because I believe that a transactional approach is likely to offer you more robustness in terms of allowing you to better detect, diagnose, and handle errors which may occur during the import process.  If you were to opt to use a transactional system, you might very well skip the FM import step altogether, and, instead, use scripting/calcs to parse the XML that you have received through your HTTPS request, and update/create records programatically, using transactions.

                       

                      I'd suggest the following resources for gaining some familiarity with FileMaker transactions:

                       

                           https://www.geistinteractive.com/filemaker-transactions/

                       

                           http://www.modularfilemaker.org/module/transactions/