Page Extraction security restriction

Similar Messages

• Remove 'Page Extraction' security restriction in PDF generated by ADS

  Hello Experts,
  I am currently working on a SAP CRM project where we are using Adobe Document Services (ADS) to generate some PDF documents from SAP.
  I have an issue with the Page Extraction security restriction associated to PDF generated by ADS.
  This cause a problem to us since we are expecting the PDF to be processed by Streamserve later on. Streamserve is then 'converting' the PDF in its proprietary format (.lxf) and is preparing a Post Script file for our printing partner.
  I have understood that Streamserve cannot processed our PDF because of the Page Extraction restriction (out from ADS, value is set to Not Allowed by default).
  I have seen the following posts in SDN:
  Page extraction property in PDF document  is set to 'not allowed'
  Document Restriction Interactive Form
  I am then getting concerned since it does not look as straightforward as I would have expected.
  --> Can anyone confirm if there is a way to set the Page Extraction restriction as Allowed?
  Via ADS configuration? Via code? Via some work in SAP (SFP, output device config...)?
  In the above SDN posts, I can read things about buying a policy server, using Adobe Acrobat Pro or Reader Extensions.
  Does anyone have a clear cut?
  Thanks a lot.
  Brice.

  Hello,
  I don´t know how to make this work. I would open the OSS message for this and want SAP to give a workaround or say clearly this cannot be done. Well... in one of the mentioned threads it is mentioned that SAP said this is the right behavior but there was not a word about if that can be changed.
  Otto
  p.s.: probably it would be better for you to send only RAW data (i mean only XML data) and make the partner work with it. If the PDF is converted to "something" by a machine, then you don´t need PDF (what is a user GUI), to send only the data should suffice, or not?

• I need to restrict printing but keep the Content Type and Page Extraction allowed. How do I keep both the content type and page extraction displaying allowed?

  When I change the settings to allow for the content type and page extraction and save it, it shows allowed.  When I close the pdf, reopen it, review the security properties, it shows the content type as allowed and the page extraction as disallowed. I need both to stay at allowed, how do make this happen?

  The moment that you select not to allow any kind of change done to the file then pages extraction is automatically not allowed as well. There's no way around that.

• PDFL - How do you secure a document's permissions AND allow page extraction?

  I was directed here by Adobe technical support.
  I am currently using PDFL 10.1.1 to try to secure a new document's permissions.
  Most of the pdPerm flags work as advertised, and enable/disable given permissions. However, for every possible combination of flags, the permission to "extract pages" remains locked. Even pdPermAll, which is documented as "all permissions," yields a document with page extraction locked.
  Is there a way to secure a document's permissions AND allow page extraction?
  Thanks in advance for your help!

  Hi SarahL,
  According to your post, my understanding is that you want to display a document library with different view as web part on some sites’ pages.
  I recommend that you can follow the steps as below to implement it in your environment.
  Go to your site, create a main document library, create different views on the document library.
  Go to “Library Settings” of the current document library, click “Save document library as template” under the “Permissions and Management” section, check “Include Content” and click “OK”.
  Go to your other sites, create new document libraries based on the new template, create new pages to insert the new document libraries web part, then respectively edit the list view web parts to select different views based on your needs and save the changes
  of the pages.
  Then, the new pages will be like below:
  Best Regards,
  Yumi Fu

• Extracting secured content?

  I know this might be a touchy question, but I thought I'd ask it anyhow. More fool I .
  I recently needed to extract high-resolution images from a PDF document that was secured against Page Extraction. This was a public filing with a local municipality (so the information was unambiguously free) obtained from that municipality, but the company that filed the electronic version chose to secure it. There's no question in my mind that I should have had full access to the images. Furthermore, I was on a deadline, so attempting to get a better format from the original source was not viable.
  What's the best approach here?
  On a very short timeframe, I ended up blowing up the images on a very large screen and taking screenshots. Lame but adequate.
  Looking a second time more recently, I see that if I open the PDF in Preview.app and choose Export as PDF, it removes those restrictions, and then I can extract the images using Acrobat Pro.
  Is there a better way? I'm always way of using Preview in any kind of critical workflow.
  One imagines I could print to Postscript from Acrobat Pro and then Distill. I don't know that this would be better, and I could imagine I'd have to fight to defeat security encoding in the Postscript, if memory is a proper guide.
  I guess I could patch pdftk to help me remove passwords. I could use ghostscript to do so. I could use qpdf.
  I dunno.
  Tangent:
  Another problem I ended up with was how to extract an image that was stitched together from two rectangular portions (top and bottom). It would have been nice to select the two with the Edit Object tool and hit Edit Image, but that doesn't work. I can get them both in Illustrator as seperate images but that's not helpful. I can Save as Image the whole page and crop it in Photoshop. But ultimately easiest seemed to extract the two images and recomposit them in Photoshop. Which just seemed wrong. Thoughts?

  Dave: I certainly respect the forum moderators' preference to not discuss certain techniques, but your justification is incorrect
  Sorry, but irrespective of the assumed status of the document, bypassing copyright protection measures is a breach of DMCA s1201.
  That may be true, but the document in question is not copyrighted. It is in the public domain. As such, the Digital Millenium Copyright Act does not apply, and it is not a 17 USC 1201 circumvention. Indeed, §1201(a) is quite explicit:
  (A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title.
  Public domain documents are not such works. And in this municipality, such documents are public domain.
  In answer to your second question about image fragments, there is a Preflight fixup to detect and merge them.
  Thanks.

• Page Extraction is showing as Not Allowed in Adobe Reader XI

  I open one of my pdf files in Adobe Reader XI. When I look at the Document Properties -> Security -> Document Restrictions Summary, Page Extraction is showing as Not Allowed.
  But when I open the same pdf file in Reader X, Page Extraction is showing as Allowed.
  Any Idea what could be the reason? Why is it like that?

  If what you are saying is YES, then Page Extraction should be always Not Allowed for all the pdf files in Reader versions. I have many other files, when I open them in Reader it shows Page Extraction as Allowed.

• Allowing page extraction with a change permissions password enforced

  How can I enforce a change permission password for my PDF and still allow for page extraction?  All settings I have tried result in page extraction being not allowed.  I've seen on another discussion site that enabling printing and selecting any option other than the last two for the configuration Changes Allowed should allow for page extraction.

  As I understand it, all security settings (except "None") will have that effect. New documents wouldn't have security, so it would be pointless to have the security. You can delete all unwanted pages, however, if document editing is permitted.

• Security restriction in LoginModule?

  I have implemented my own LoginModule. In the module, I try to reference an
  EJB.
  When I call PortableRemoteObject.narrow(), I get the following error:
  java.lang.ClassCastException: Cannot narrow remote object to
  net.lm.uams.service.ejb.UserAccountManagementServiceRemoteHome
  Is this because of some security restriction related to the LoginModule, or
  do you think that the problem stems from having two copies of the same EJB
  classes? If the problem is related to having two copies of the classes, how
  would I go about referencing the classes from the LoginModule without having
  them in that .jar file?
  Note that this problem isn't at weblogic startup - I have written code to
  handle this initial administrator authentication. The problem occurs later
  during form-based authentication. The publicly available pages/EJBs work
  fine.
  using WLS 7.0 on win2000.
  I'd appreciate any pointers.
  thanks
  Sean

  Bill,
  I haven't added anything at all to the classpath in my startup script. WL
  just picks up my jar in WL_HOME/server/lib/mbeantypes. I've done a
  System.getProperty() for the classpath at runtime, and it doesn't include my
  ejb.jar.
  Yesterday, I re-wrote my class to do a straight JDBC lookup to the database
  for username/pwd/roles. It's not the solution I'd prefer, because it
  introduces a reliance on the underlying database schema into the
  LoginModule. But, I don't really have time at the moment to spend
  experimenting with my original idea. Hopefully I can come back to it in the
  future.
  thanks again,
  Sean
  "William Kemp" <[email protected]> wrote in message
  news:[email protected]...
  Each enterprise application has it's own classloader hierarchy, whichmeans the
  ejbs and webapps in an EAR file are loaded by a classloader hierarchy thatis
  parented by the boot, system, and application classloaders that load theboot
  classes, java core classes, and weblogic.jar classes, and any classes thatyou
  put in the classpath when you start weblogic. The EAR file classes areloaded
  below these, hierarchically speaking.
  I am assuming that you have put your LoginModule classfile in the javaclasspath
  when you start the server. Are you perhaps putting the jar file generatedby the
  ejbc process in the java classpath when you start the server, too? Couldyou
  post your start script? Also, remember that the start script that comeswith
  weblogic prepends it's jars and what not to the existing classpath. So,that
  while you may not be explicitly adding the ejb jar file to the classpathin the
  start script, it may be already in the classpath in the currentenvironment and
  the start script is tacking that on at the end.
  Just a guess.
  Bill
  Sean Ryan wrote:
  Thanks for the response William. I have tried what you suggested, but
  the
  problem is still the same.
  If I do the jndi lookup without the narrow() part, I can execute methodson
  the resultant object using reflection. This is a bit of a hack, and not
  really a satisfactory solution.
  I have written a main() method in my class, and when I execute it (fromthe
  .jar), it can do the lookup and narrow without any difficulty.
  As I understand it, each container has its own classloader, however myclass
  is essentially executing from within weblogic. Is there a bit of a greyarea
  here in relation to class loading? Because, as I said my class worksfine
  when it is executing in a separate jvm.
  again, I would appreciate any input you can offer.
  Sean
  "William Kemp" <[email protected]> wrote in message
  news:[email protected]...
  If this was because of a security restriction, you would see a
  different
  Exception. Try putting just the compiled Home and Remote interfaces inthe
  classpath used by the LoginModule and not the jar file with thegenerated
  and
  compiled code for the stubs. You don't need them in the client becuase
  you
  are
  coding to the inteface, not the stubs.
  Bill
  Sean Ryan wrote:
  I have implemented my own LoginModule. In the module, I try to
  reference
  an
  EJB.
  When I call PortableRemoteObject.narrow(), I get the following
  error:
  >>>>
  java.lang.ClassCastException: Cannot narrow remote object to
  net.lm.uams.service.ejb.UserAccountManagementServiceRemoteHome
  Is this because of some security restriction related to theLoginModule,
  or
  do you think that the problem stems from having two copies of the
  same
  EJB
  classes? If the problem is related to having two copies of the
  classes,
  how
  would I go about referencing the classes from the LoginModule
  without
  having
  them in that .jar file?
  Note that this problem isn't at weblogic startup - I have written
  code
  to
  handle this initial administrator authentication. The problem occurslater
  during form-based authentication. The publicly available pages/EJBs
  work
  fine.
  using WLS 7.0 on win2000.
  I'd appreciate any pointers.
  thanks
  Sean

• Page Level Security

  Hi,
  My company generate report using  "Actuate" reporting tool. Now they want to migrate from Actuate to Business object. Actuate can do Page level security" . How can I provide Page level security in BO ( In Designer or in Webi). Thank for your help.

  HI Vamsee ,
  Reports we can designed in such a manner like main report and sub report.
  so that subreport can be viewed in hyperlink...
  so that hyperlink can be restricted to some user and allowed to some user.
  (consider main report and subreport as page)
  Regards,
  Kannan.B

• How can I tell if a page is secure

  How can I tell if a page is secure? There used to be an option to view a security certificate although this has been removed from the toolbar?
  Also, how can I refresh a page now that the button has been deleted from the toolbar?
  Thanks

  It has been changed. Please read this article:
  https://support.mozilla.com/en-US/kb/Site%20Identity%20Button
  You can use this add-on to get the classic icon back:
  https://addons.mozilla.org/en-US/firefox/addon/padlock-icon/
  Refresh Button:
  It has been incorporated into the far right end of the Address Bar. When you load a page, it is a "Stop" button, when it finished loading, it turns into a "Reload" button.
  If you want it to be somewhere else in the Toolbar, you can drag it out to wherever you want. If that doesn't work, try this:
  View > Toolbars > Customize and drag the Refresh/Stop icon into the window, then drag it back out to wherever you prefer.

• Security restrictions , how to read access a txt file supplied in a jar

  I had written a simple application which uses file handling to display random line from a file on a swing window
  but I do not know how to give my web application permission to access a file
  when I set security permission to all, then error says the application cannot load because the code require unrestricted acess to system resources and is unsigned, I don't know how to get that certificate and I am only doing it for learning purposes.
  when I remove security permissions then it says
  access denied java.io.FilePermissions geekjoskes.txt readPlease help
  I locally signed the jar file, and give my jnlp fiel all permissions, worked fine in my system but when I access same file from local lan it sho errors ,
  please help, I have my txt file stored in my jar file with main class
  the whole jnlp file is
  <?xml version="1.0" encoding="utf-8"?>
  <!-- JNLP File for geek jokes -->     
  <jnlp spec="1.0+"
         codebase="http://localhost/javasoft/webstart/"
        href="geekjokes.jnlp">
     <information>
        <title>Geek Jokes</title>
        <vendor>Vaibhav Mishra</vendor>
        <description>Geeky jokes</description>
        <homepage href="http://scjpbeginner.blogspot.com"/>
        <description kind="short">shows random jokes</description>
        <offline-allowed/>
     </information>
     <resources>    
          <jar href="GeekJokes0.1.jar"/>  
       <j2se version="1.6+"
             href="http://java.sun.com/products/autodl/j2se"/>
       <icon href="geekjokes.gif"/>
     <icon kind="splash" href = "geekjokes.gif"/>
     </resources>
     <security>
        <all-permissions/>
     </security>
     <offline-allowed/>  
     <application-desc main-class="GeekJokes"/>
  </jnlp>Edited by: 76jsr on Aug 7, 2008 3:45 PM
  Edited by: 76jsr on Aug 7, 2008 3:49 PM

  >
  I am extremely thankful to you and finally my first little app is working thanks to you,
  here is it's link
  [http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes/geekjokes.jnlp|http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes/geekjokes.jnlp] >
  I am glad you got it working! But that launch file is still slightly invalid.
  Here is a corrected, and slightly optimized (you can leave the prefix off the href, if it is the same as the codebase), version of it.
  <?xml version="1.0" encoding="utf-8"?>
  <!-- JNLP File for GeekJokes 0.3 app -->
  <jnlp spec="1.0+"
        codebase="http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes"
        href="geekjokes.jnlp">
     <information>
        <title>GeekJokes App</title>
        <vendor>Vaibhav Mishra</vendor>
        <homepage href="http://scjpbeginner.blogspot.com"/>
        <description>Geeky Jokes</description>
        <description kind="short">Cshows random jokes</description>
        <offline-allowed/>
     </information>
     <resources>
         <j2se version="1.6+"
             href="http://java.sun.com/products/autodl/j2se"/>
         <jar href="GeekJokes0.3.jar"/>
     </resources>
     <application-desc main-class="Process"/>
  </jnlp>Very 'Geeky', BTW. ;-)
  Another few things I noted when I looked at it.
  1) There is a stray thread going after the JOptionPane is dismissed. The VM does not end, and the console (if you have it configured to pop-up for JWS apps.) stays on-screen.
  2) If all the jokes are prefixed by '* ' I would recommend removing it from every line of the source file and either re-adding it at runtime, or (preferably) not adding it at all (since it is redundant).
  3) Reconfigure the app. into a loop, and offer the user a JOptionPane with "Another Joke"/"End" instead of "OK".
  4) You can always remove that debugging line I inserted in the code to show the path to the Jar - it was just intended as a 'sanity check' during testing.
  5) Why is it Java 1.6+? JOptionPane was introduced in Java 1.2 with the first Swing implementations, and the I/O is compatible with Java 1.1.
  >
  Thanks again!!!!>Thanks are best expressed (to me) in the notation of a helpful/correct answer (which you have done), and the assignation of (the remaining) dukes*. ;-)
  * After all - checks the title - we have gotten entirely around those 'security restrictions' in a sandboxed application. The reason being that File objects are rarely the correct choice, for applets or JWS apps.

• Ebay sign in page does not have padlock-states only partially encrypted..IE has padlock. Why is ebay's sign in page not secure in Firefox? FF Version 14.0.1

  When signing into ebay, the page starts to load with the green padlock, but when page is fully loaded there is no padlock. I can use Internet Explorer and so to the sign in page and it has the green padlock.
  Why in Firefox is this sign in page not secure? Thanks

  Firefox 18 will have this.
  It currently applies #identity-box[class="unknownIdentity mixedContent"] or #identity-box[class="unknownIdentity mixedActiveContent"], so that part is working, but the icon and UI (notification bar) hasn't been implemented yet.
  *resource:///chrome/browser/skin/classic/browser/
  (Bug 782654 - Implement Mixed Content Blocker UI)
  This code in userChrome.css works in Firefox 15 and later.
  <br />
  <pre><nowiki>@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); /* only needed once */
  #urlbar[pageproxystate="valid"] > #identity-box.unknownIdentity.mixedContent #page-proxy-favicon,
  #urlbar[pageproxystate="valid"] > #identity-box.unknownIdentity.mixedActiveContent #page-proxy-favicon {
  list-style-image: url("chrome://browser/skin/Security-broken.png")!important;
  -moz-image-region: auto!important;
  #urlbar[pageproxystate="valid"] > #identity-box.unknownIdentity.mixedActiveContent {
  background-image: -moz-linear-gradient(hsl(1,90%,88%), hsl(3,80%,80%))!important;
  box-shadow: 0 1px 0 hsla(2,81%,16%,.05) inset!important;
  -moz-border-end-color: hsla(2,81%,16%,.2)!important;
  color: hsl(2,81%,16%)!important;
  </nowiki></pre>
  The customization files userChrome.css (interface) and userContent.css (websites) are located in the chrome folder in the user profile folder.
  *http://kb.mozillazine.org/Editing_configuration

• Security Restrictions disappear when webi is modified

  Hello,
  I have the following problem with Security restrictions.
  I have created a business security profile, and assign this profile to a user directly (I have tested the same assign the profile to a group and the problem occurs too).
  The business security profile is defined this way:
  1. At the first tap (Create query), I grant all the views of the business layer and all the objects.
  2. At the second tap (Data) all objects are granted.
  3. At the filter tap, I defined the row restrictions of the profile (3 conditions with and).
  4. I assign the business profile to the user.
  The steps to reproduce the problem are:
  1.  I create a webi (with an administrator user) that uses the universe that contains the business security profile
  2. The user that have the business security profile restrictions assign, open the webi refresh and show only his data.
      The SQL of the webi query shows the security restrictions (profile filters).
  3. I modify the report (for instance, I drag a dimension on it). Save the report.
  4. The user that have the business security profile restrictions, open the modified webi refresh and show all the data (as he was an administrator user).
      The SQL of the webi query does not show the security restrictions (filters). The restrictions desappear of the SQL.
  Please, could you help me?
  Thanks
  Pilar

  Enable the following auditing on the server either through domain
  policy or local policy:
  Audit logon events - Success
  Audit Object Access  - Success
  On the Auditing tab, add Everyone with the following audit settings.

• How to provide page-level security..

  HI,
  I have a requirnment that a single report having multiple pages is generated such that each or some of the pages have security tags that are compared to a security identifier list of a particular user that acts as a security clearance for that user. How to do this programatically.
  Through this comparison, a subset of pages from the report is formed which makes up a "report" from the user's point of view that contains only data the user is allowed to see. This allows multiple users to view only authorized portions of a single report having page-level security determined by level breaks in the data.How to do this also programatically.
  including both the task is one requirnment. if any one know how to do this using java program or xml, please reply as soon as possible.
  thanks in advance.

  How does you post have anything to do with SQLJ/JDBC? If this is an Oracle Report then post it to the Oracle Reports forum. Otherwise, look at the JDeveloper forum.

• Security restrictions on offline form

  In my application, I have a form with a submit button of control type 'regular'. It can be downloaded on local hard disk filled and saved. But for the same form, I changed the control type of submit button to 'submit' and ran the application again. Now when I download the form and fill it, I cant save any of the form data. I see that the security restrictions on the form now have changed. Any idea if I can set these security restrictions so that I can still save the form data?

  Marlon,
  We also have similar requirement. So we logged an SR with Oracle. We got response as
  =============================================================================================================================
  No but there is an enhancement request
  OER does not provide the ability to enforce assignment of specific asset tabs to specific users/roles. 
  True need to file enhancement request
  Oracle® Fusion Middleware Configuration Guide for Oracle Enterprise Repository
  11g Release 1 (11.1.1)
  Part Number E16580-04
  http://docs.oracle.com/cd/E14571_01/doc.1111/e16580/rbac.htm
  10309159 - TAB LEVEL SECURITY - AUTHORISATION
  Use Case
  If I give a user with Tester Role and a user with Lead Developer Role
  approval capability (ie. Tester Role should only approve "Testing" tab and
  Lead Developer Role should only approve "Technical" tab).  They should only
  be able to see the other tabs but not approve anything. e.g. the Lead
  developer should only approve the "Technical" tab.
  ================================================================================================================================