Skip to main content
  • EN

Good afternoon everyone,

I have one question regarding FME Server security. I am using FME Server 2014 with an Oracle database.

Normally when we create a user in FME Server, the user is create in table FME_USERACCOUNT with an encrypted password.

Now I have an issue that one of my web services have to access FME Job so my web services need username / password for basic authentication.

Now I have two options either I store password in some local storage with my web service or my web service access Oracle schema fmeserver and get password for user. If i can have decrypted password, the management will be very simple for me.

Can anyone guide me, may be I am missing some basic point over here.

I don't have AD in my infrastructure.

Can you please guide me ?

Regards

Rather than using basic auth, you should look into using a security token for your API access.

Here are a couple of starting points:

https://docs.safe.com/fme/html/FME_Server_Documentation/Content/ReferenceManual/service_token.htm

https://playground.fmeserver.com/getting-started/authentication/

Rather than using basic auth, you should look into using a security token for your API access.

Here are a couple of starting points:

https://docs.safe.com/fme/html/FME_Server_Documentation/Content/ReferenceManual/service_token.htm

https://playground.fmeserver.com/getting-started/authentication/

Thanks David, but even for that I need a password. I look at the documentation and to generate a token as well I need to have password for user.

 

It all depends on the security level that's necessary for your environment.

One solution could be to manually generate a security token with an "indefinite" validity and store the token in your database. The security token should be generated for an "API-only" user with extremely limited rights.

Some arguments for this solution:

  • More convenient, as you can easily expire or regenerate tokens without affecting the API user's account password.
  • A secure password (as in Basic Auth) is basically identical to a secure token. Using the token you don't need to store the username in your database, one less thing to worry about
Thanks David, but even for that I need a password. I look at the documentation and to generate a token as well I need to have password for user.

 

Hi @ayyaz_paracha,

 

Do you know the password for this user?

 

Once you've generated the token you wouldn't need the password.

 

Another thing you could look at is using the Guest User

 

Reply


Community Stats

30,159
Posts
114,480
Replies
37,806
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.