While testing the OpenC Documentor for Claris Connect, which generates PDF and Word documents from Word templates, I needed a public URL to the template document.
Fortunately, Claris FileMaker returns public URLs to container field contents when queried through the Data API. And to make things even more easy, Claris Connect contains a helpful action that does exactly this.
Cool, so I should now have a nice public URL to my file…
Oof, that celebration was a little premature.
The solution
I spent an hour trying to fix this, but the solution was straightforward. It all has to do with the AuthenticatedStream option of Claris FileMaker Server, which turned out to be perfectly documented:
TheAuthenticatedStreamparameter controls whether Claris Connect [and any other Data API client] can access container field data. Claris Connect will be able to access container field data if you change the default setting for theAuthenticatedStreamparameter. By default, theAuthenticatedStreamparameter is set to 1, which restricts access. Setting the parameter to 2 allows connectors to use container field data without explicit authentication.
It cannot be changed via the Admin Console, so we need terminal access on our server in order to set it by running this command:
fmsadmin set serverprefs AuthenticatedStream=2
“Without authentication” ?!
As we have read:
Setting the parameter to 2 allows connectors to use container field data without explicit authentication.
“Doesn’t this allow anyone to access our container fields?” you ask rightly. In theory, the answer is “yes, it does.” That was the whole point: expose container content through a public URL, which, honestly, is quite predictable:
https://myfmserver.com/Streaming_SSL/MainDB/<ID_OF_THE_FILE>.pdf?RCType=EmbeddedRCFileProcessor
“But you only have to guess the file’s ID in order to access any file in my FileMaker app!”
It’s a 64-byte random hexadecimal string. Hence, you would have to try all 115,792,089,200,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 possible combinations, so please rest assured (or accept the challenge!).
Have you ever faced a similar issue with Claris FileMaker Server for which you did or did not find a solution? Please share your experience in the comments below.