12 FileMaker Pro Web Publishing Security Guidelines
http:///FMPro? db=abc.fp5& format= fmp_xml& layoutnames
You should only see the names of the layouts you intend to expose for that database.
To personalize the above examples for your testing environment, substitute your IP address or
localhost
for , and the actual name of your database for abc.fp5.
Note
If you are interested in creating a secure data environment and do not have the experience or
skills to ensure complete security, contact a FileMaker Solutions Alliance (FSA) member who
specializes in security. For more information on FSA developers see www.filemaker.com/
developers/fsa_members.html.
Securing data for web publishing within FileMaker Pro
FileMaker Pro provides two methods of web publishing: Instant Web Publishing and Custom Web
Publishing.
FileMaker Pro also provides two primary methods of web security: access privileges and the Web
Security Database.
Databases published with Instant Web Publishing must use FileMaker Pro access privileges to
provide web security.
Databases published with Custom Web Publishing may use either access privileges or the Web
Security Database.
Access privileges and the Web Security Database differ as follows:
Supported by FileMaker Pro Supported by FileMaker Pro
Feature
access privileges
Web Security Database
Password protection
Yes
Yes
User ID/User name verification
No
Yes
Disallow searching using a specific field
No
Yes
Administer security privileges remotely
No
Yes
Security for a field across an entire database Yes
Yes
Security for a particular record
Yes
Yes
Security for a field by password
Yes
No
Scripting
Indirectly Scripting capabilities Yes Scripting capabilities are
reflect the privileges associated
Boolean. For example, you can
with a particular password. For
either enable or prevent a user
example, if a password permits
from performing all scripts.
creating new records, then
scripted creation of new records
is allowed.
Control browsing of records
Yes
Yes