Running Services without Authentication
A special account referred to as the trusted user account, can be used to provide unauthenticated access to any component of FME Server. By default, this trusted account is named guest and is assigned to the fmeguest role. By default, the fmeguest role is configured to allow unauthenticated access to the FME Server Web Services. This means it is possible to invoke a service URL without providing any credentials.
|FME Lizard says...|
|If you want all of the FME Server Web Services to prompt for authentication, remove the guest account after you configure your own set of users and access control for your server.|
The trusted user account is configured in the propertiesFile.properties file for each web service. If your FME Server installation uses the built-in Apache Tomcat servlet, these files are located under:
...where <service> should be replaced by one of the various services located in the webapps folder.
To change the username and password of the trusted account for a service, configure the DEFAULT_USER_ID and DEFAULT_PASSWORD parameters:
You may need to restart the FME Server Web Application service to see these changes take effect.