Since v8 FileMaker® Server Advanced got a new IWP login page.
It's better than the previous authentication scheme in a number of ways. The most important one is that you can use non-romanized account names for non-English applications. If you application is entirely in Russian or Japanese, romanized account names look quite awkward. With FileMaker 8 romanized ‘Petrov’ and ‘Ueda’ can be changed to real ‘Петров’ and ‘上田’.
Yet it also has some disadvantages. Though you can customize the IWP home page, there's no instructions on how you can place the authentication form on this page and save your users a few clicks. If you want to allow both guests and authenticated users, guests will have to go through the same authentication page as well. The form is implemented in such a way that users can no longer have their browsers to remember the login and password. Unless they use some other password management utility like KeePass, they will have to type both their login and password every time. As I see this is intentional (the form has the autocomplete attribute explicitly set to off), but such a strict policy is not always necessary.
On FileMaker Forums I've seen some requests about this problem. There are also answers, but none of them gives a complete solution and some suggestions are a bit too complex. So here are exact recipes that work.
In all the examples I used the FMServer_Sample file that comes with FileMaker Server as the sample file to log in to. The HTML internals are shown on screenshots, but, of course, I have a sample file with all the code.
Log in to a file via form
As [Guest]:
As an authenticated user:
In both cases the file name is in the dbpath param:
Change it if you need to log in to another file.
Log in to a file via link
As [Guest]:
As an (predefined) authenticated user:
As you see it's simply a mechanical transformation of the forms. The only thing that requires special attention is the dbpath parameter: you have to encode reserved, non-ASCII and “unsafe” characters.
Check this if you need more information on URL encoding.
Don't forget to grab the sample file :) Next post (Dec 22, 2006): Miscellaneous development tips.
Thanks for your examples. They use a couple of special terms like "-startsession" and "-authdb". Do you know which part of the FileMaker Web Publishing system interprets this terms - and which other terms are available, their syntax etc? Maybe they could be used for some control of the web publishing system?
Best regards Mogens Brun
FM Integrator
Posted by: Mogens Brun | March 27, 2007 at 02:53 PM
I extracted these parameters from the source code of the IWP login page with some help of Firefox DOM Inspector, I think. There can be some other parameters, but I have no idea where to get them :) except that from other IWP pages maybe. This would be a rather tedious job though.
Posted by: m.edoshin | March 27, 2007 at 10:32 PM
Thanks for this explanation but is there some way to make this url emailable?
I've gotten my direct login test url working in a web page but when I copy the url to an email (or a web browser address bar) it does not work.
Ive tried the unencoded and encoded (%2F, etc.) versions and neither work.
I don't understand why this will work as a clickable link but not a direct url.
Posted by: icarux | May 23, 2007 at 05:21 AM
This is great! Thanks so much for the help, this is working so well for our users to more easiliy access the databases.
The only issue we have found is if a user tries to access a 2nd database during the same browser session; they end up back in the original database. I'm guessing this is a cookie-related issue? Is there any way to force clearing the cookies and starting a new session?
Thanks again for your help!
-Rob McLear
Posted by: Rob McLear | June 01, 2007 at 04:23 AM
Did anyone manage to get round the cookie problem?
Posted by: Nick | June 13, 2007 at 12:30 PM
To icarux: try replace in the URL with actual ampersands.
To Rob and Nick: if the user logs out the first database using the button on the status area then he/she will be able to connect to another just fine. Does this solve the problem?
Posted by: m.edoshin | June 16, 2007 at 02:44 PM
I've used some Lasso code in custom login pages before to clear out the cookies - works great!
Here it is:
[cookie_set: 'http-session'='', -expires='-1', -path='/fmi/iwp']
[cookie_set: 'fmi-cookie'='', -expires='-1', -path='/']
- John
Posted by: John May | June 20, 2007 at 05:55 AM
With regards to the cookie solution, how is this code implemented? Where abouts in my html page do I use this code?
Posted by: Shaun Kilbride | July 31, 2007 at 02:21 PM
Does this login bypass solution still work in FMSA 9? I keep ending up on the IWP home page.
Posted by: Steve St-Laurent | October 14, 2007 at 03:47 AM
It works! Absolutely brilliant, Mikhail!
Someone from Technet directed me here when I asked how to do this. Thanks so much!
Paul
Posted by: Paul Spafford | March 25, 2008 at 07:20 PM
I tried implementing this technique to login as a guest and a user with an account. It worked great when I tried to connect to only one database, but when I created links to two separate databases odd things happened. whichever database link I used first in a session was the one I was redirected to when I clicked on the 2nd link. If I switched to a different browser and started w/ the 2nd link, that was the database that was opened when I clicked on the first link. Any help on insight will be appreciated. Here are pages w/ the links to the Video Resource Database and the Claims Database:
http://www.montgomeryschoolsmd.org/departments/development/index.shtm
http://www.montgomeryschoolsmd.org/departments/development/teams/admin/admin1.shtm
Posted by: David Kreisberg | May 23, 2008 at 07:45 PM
Hi David,
Sorry, I tried to see why this may happen and what could be the remedy, but didn't spot anything.
Since these links appear to be public, why not to simply allow guest access to these files?
Posted by: m.edoshin | May 26, 2008 at 08:31 PM
Thank you so much for sharing this neat workaround Mikhail. It has solved a problem for a new shared database in one go!
Posted by: Chris Attkins | May 27, 2008 at 04:53 PM
We originally had both database set for guest access, but we still had the problem of the 2nd link redirecting to the 1st database. Very puzzling.
Posted by: David Kreisberg | May 28, 2008 at 03:22 AM
Great work around! I am using this with Filemaker 9 Advanced Server (OS 10.5) and it works as advertised. The only issue I can't seem to get right is on Logout from IWP, I am returned to the iwp_home.html page. So I replaced the default page with the new page based on your schema. This works great, but I can't display any graphics on this page. I've tried hard coding the path to the image, but this doesn't work either. Any idea how to code an img src (or where to locate the image file) to show on the iwp_home.html custom page?
Your solution is much better than the other ideas that are out there. Thanks for sharing this.
Posted by: bharvey | July 01, 2008 at 08:03 AM
I cannot Log in to a file as an (predefined) authenticated user via link. This is what I am using:
http://localhost/fmi/iwp/cgi?dbpath=%2Ffmi%2Fiwp%2Fcgi%3F-db%3DEstimate_Tracker%26-startsession&acct=account&name=test&password=&login=test&-authdb
For local host I am using our internal ip address of the filemaker server
Account Name = test
Password = test
Any thoughts?
Posted by: Omar Cabello | July 09, 2008 at 08:16 AM
I think what's missing is the “test” password. It should be right after “password=”.
Posted by: m.edoshin | July 09, 2008 at 09:31 PM
We would like to be able to pass other parameters to an IWP application, such as a record number, so that users can be dynamically directed to a record when they log in. Does anyone have any ideas on how this might be done via a URL?
Posted by: Jenifer Bracewell | September 16, 2008 at 08:18 PM
Thanks Mikhail! I've been agonizing over how to do this. You are awesome!
Jenifer, not sure how you'd do it via URL, but you can set a start script in the FMP database to take users to a particular record when they log in. You can even make it send a particular user to a particular record depending on info in your database or based on group privileges.
Posted by: Aaron | September 19, 2008 at 04:28 PM
Thanks, a great page you are running.
What if I want at link to force the username, but not the password?
Posted by: Jacob Nicolaisen | December 12, 2008 at 01:30 AM
You can hardcode only one option and let user fill in another. It's a bit harder to do with a link, but with a form it's simple: you hide the “name” input using the "hidden" attribute (cannot post HTML codes here) and leave only the password. With a link it would require some JavaScript to work, I think.
Posted by: m.edoshin | December 12, 2008 at 02:16 PM
Hi,
I would like to know, how to pass a script parameter in an IWP URL ???
I need that my opening script, would analyse the script parameter.
Sincerely, Joel.
Posted by: Joel Englander | December 29, 2008 at 12:53 PM
Hi Joel,
I don't think its possible. That is opening IWP is roughly same as opening a file in FileMaker itself. It can run a startup script, but cannot accept a parameter for it. You'd need something CWP-like for this.
Kind regards, Mikhail.
Posted by: m.edoshin | December 29, 2008 at 09:15 PM
Mikhail,
If I do something in CWP,
how do I get back in my IWP Site with my parameter ???
I have tried to make an other IWP FM File, with an opening script, that execute an external script with the parameter, and that is suppose to put me on the correct layout (on the regular FM File); but on the web it doesn't switch from on page to another !!!
Have you ever try to do that ??? Do you know the Solution ???
Sincerely, Joel.
Posted by: Joel Englander | December 30, 2008 at 09:00 AM
No, I don't know how to solve this. What kind of parameter is it? Is it something that can be deduced from the user name or something else that can be read with Get() functions (e.g. different layouts for FM and web clients)?
Posted by: m.edoshin | December 30, 2008 at 07:24 PM