span8
span4
span8
span4
This article is forFME Server 2013and older versions.For current information on FME Server Authentication visit theDocumentation
Authentication is the process used to determine that a user is who they say.
If you elect to enable FME Server security you will be required to authenticate to access all of the services which ship with FME Server.This will include the Web User Interface and the Web Administrator User Interface which will have login and logout capabilities.The REST API will also be secured but it uses a slightly different method which I will discuss later.
The FME Server services (except the REST API) usebasic authenticationto limit access.Basic authentication does not encrypt the password sent to the server as it is sent as plain text.Basic authentication is therefore good if the connection between the client and server computers is secure and can be trusted (i.e.local intranets).
If you interact with a URL that requires authentication,the user will be prompted to enter their username and password.If you wish to share a link or bookmark a page you can also include the username/password in the URL so it authenticates automatically.Simply construct a URL similar to this:
http://username:password@www.example.com…
e.g.
http://admin:admin@: /fmedatadownload/Samples/austinDownload.fmwNote: this is not supported in IE.
If you wish to deploy a more secure setup,FME Server supports SSL.Details on how to do this are located in theFME Server Admin Guide.
http://: /fmedatadownload/Samples/austinDownload.fmw
http://: /fmeserver/services
To do this,you need to ensure the resource (service) is assigned to the built in guest account.
Authorization – also known as Access Control – is the process used to determine what activities a user is permitted to undertake.
FME Server includes a role-based control framework so that administrators can assign each user to a different role with different permissions.That way,they can specify exactly which users have permission to carry out which tasks.You configure this by accessing the Security tab in the FME Server admin area.
The FME REST service uses token-based security.The token service allows the developer to generate a token,which then acts as a key for accessing the secure REST interface.The token is a string of encrypted information sent between client and server.
Within FME Server you can generate a token for a set period of time using the user's credentials.The token will be valid for the duration specified and should be used whenever accessing the REST API.
Token security is not as secure as certain other methods,such as Integrated Windows authentication as the security of the system depends on controlling access to the tokens.
PKIX Path Issues when Configuring HTTPS/SSL for FME Server
Problem Publishing to FME Server using Web Connection
Problem Manually Enabling Security (FME Server 2015 or Older)
3 Machine Distributed Installation
X-Frame-Options header | FME Server Clickjacking prevention
Authorization Fails Using Active Directory with FME Server
Invalid keystore format prevents accessing FME Server over SSL
FME Server Fails to Start When Configured to Use Active Directory
© 2019 亚搏在线Safe Software Inc |Legal