Planning for Access to Web Services
If you plan to run workspaces from FME Server that access OAuth 2.0 web services (for example, Google BigQuery), you may need to perform additional configurations, depending on your FME Server installation:
- Private: Your FME Server installation is entirely behind your network's private firewall. A public DNS entry directs traffic to FME Server.
- Public/Private: Your private FME Server installation is complemented by a custom installation of the FME Server fmeoauth web service in a DMZ.
- Public: FME Server is installed on a public network (for example, FME Cloud). No additional configuration is required.
The diagram below shows all scenarios.
To enable web services using the Private option
- Install FME Server on your private network.
- Enable SSL on the web application server. For more information, see Configuring for HTTPS.
- Set up an entry to a public DNS service. Note the Redirect URI that is produced.
- To use the Redirect URI, see "Setting Up Web Services", below.
To enable web services using the Public/Private option
- Install FME Server on your private network.
- Install the FME Server Web Services on a separate machine on a public subnetwork, such as a DMZ. Note the following:
- The path you specify for the FME Server System Share.
- The hostname of the machine on which you are performing the installation, and the port number if different from port 80 (Windows) or port 8080 (Linux). This will be used as part of the redirect URI:
https://<host>:<port>/fmeoauth
- On the public machine, remove all web services that were installed, except fmeoauth. To remove, navigate to the web services install directory. (For example, if an Apache Tomcat servlet was installed: <FMEServerDir>/utilities/tomcat/webapps) Delete all .war files, except fmeoauth.war. Additionally, delete the folders corresponding to the .war files that were deleted. Do not delete the fmeoauth directory.
- From the FME Server System Share directory on the private network installation, copy the \localization directory to the System Share directory on the public machine.
- Enable SSL on the web application server on the public machine. For more information, see Configuring for HTTPS.
- To use your custom installation of the fmeoauth web service to connect to OAuth web services, see "Setting Up Web Services", below.
Setting Up Web Services
When you upload a workspace from FME Desktop that contains a web connection, a reference to the associated web service is also uploaded. If you are using the Public configuration described above, then the web service is defined correctly and no further configuration is required.
If you are using the private or public/private configuration, you must update the Redirect URI in the web service. The Redirect URI to use will be generated either from a public DNS service (Public), or from a custom installation of the fmeoauth web service on a public subnet (Public/Private). To update the Redirect URI in the web service, see Managing Web Services.