Overview of Securing FME Server
In FME Server, users are assigned to roles. Roles are granted permissions to FME Server services and resources.
When FME Server is installed initially, the following security resources are pre-configured:
- A set of default user accounts and passwords.
- A set of default roles and permissions.
As an administrator, you can configure users, roles, and permissions on the Security page of the FME Server Web User Interface.
Configuring your security framework depends primarily on who will be using FME Server resources. For example, if you are creating Internet applications and your web users are not in your Active Directory, you might want to use the default FME Server framework. However, if you are building applications to be deployed on your intranet, you might want to leverage your existing Active Directory to grant access to FME Server resources.
All security information is stored in the FME Server database.
By default, FME Server uses basic authentication to provide the username and password to the server. This authentication is not encrypted. To ensure that sensitive information is encrypted, we recommend that you use a Secure Sockets Layer (SSL) connection. SSL encrypts the data, protecting user names and passwords from malicious interception of transactions.