A master password (also called an owner password or
permissions password) controls the ability to change the permissions on a document. When you specify a master password, you can specify permissions that restrict the operations users can perform, such as the ability to print a document, make changes to its content, and extract contents.
An open password (also called a user password or
document open password) controls the ability to open a document. If this password is set for a document, a user is required to provide the password in order to open the document:
In DDX, you specify password encryption for a document by setting the encryption attribute of the
PDF result element. The value of this attribute must match the
name attribute of a
PasswordEncryptionProfile element, which provides the encryption information.
In this example, the PasswordEncryptionProfile element whose
name attribute is "userProtect" specifies an open password that is used to encrypt the
PDF result document doc2.
<PDF result="doc2" encryption="userProtect">
<PDF source="doc"/>
</PDF>
<PasswordEncryptionProfile name="userProtect">
<OpenPassword>opensesame</OpenPassword>
</PasswordEncryptionProfile>
If you specify None for the
encryption attribute of the
PDF result element, the document is not encrypted, regardless of whether or not the base source document was encrypted. If you do not specify a value for
encryption, the result will be encrypted with the same settings as the base document, as long as you did not specify a full save for the document (see
Saving PDF documents).
A PasswordEncryptionProfile element must be at the root of the DDX document; that is, it must be a child of the
DDX element. A DDX document can contain any number of
PasswordEncryptionProfile elements. More than one
PDF result element can refer to the same
PasswordEncryptionProfile element.
The PasswordEncryptionProfile element has two additional attributes that you may want to set:
|
•
|
compatibilityLevel specifies backward compatibility with previous PDF versions. A value of Acrobat3 uses 40-bit RC4 encryption. Acrobat5 and later use 128-bit RC4 encryption. Acrobat6 allows metadata to be unencrypted in an encrypted document and Acrobat7 allows file attachments only to be encrypted (see encryptionLevel below).
|
|
•
|
encryptionLevel allows you to do selective encryption on the document and depends on the value of compatibilityLevel. The default value, All, means that the entire document is encrypted. NotMetadata means that the document metadata remains unencrypted while the rest of the document is encrypted. OnlyFileAttachments means that the file attachments are encrypted while the rest of the document is unencrypted.
|
You specify the permission settings associated with the document by using the Permissions element. Its child element
MasterPassword specifies the master password. The attributes
copy,
edit,
print, and
screenReading specify different categories of permissions and are available only when
compatibilityLevel is
Acrobat5 or greater. (See
Permissions.)
The following example specifies both an open and master password. The permissions indicate that the document cannot be printed and copying of content is not allowed, but users can fill in forms and add comments and digital signatures.
<PDF result="doc" encryption="limit">
<PDF source="doc1"/>
</PDF>
<PasswordEncryptionProfile name="limit"
<OpenPassword>opensesame</OpenPassword>
<Permissions print="No" edit="CommentsFormFillinSign" copy="No">
<MasterPassword>docmaster</MasterPassword>
</Permissions>
</PasswordEncryptionProfile>
<PDF result="doc2.pdf" encryption="limit">
<PDF source="doc1.pdf">
</PDF>
<PasswordEncryptionProfile name="limit" compatibilityLevel="Acrobat6"
encryptionLevel="NotMetadata">
<Permissions print="No" edit="CommentsFormFillinSign" copy="No">
< MasterPassword>letmein</MasterPassword>
</Permissions>
</PasswordEncryptionProfile>
