You can create external authorization handlers for the Rights Management service. External authorization handlers provide centralized access control for documents in your organization. The Rights Management service controls access to policy-protected documents by performing a policy evaluation when determining whether a user can access a policy-protected document. For example, the Rights Management service decides whether a user can print a policy-protected document.By creating an external authorization handler, you can use an access control mechanism that your content management system uses, in addition to the standard policy evaluation process. As a result, document access can be controlled by the same control mechanism that your content management system uses. For example, when the Rights Management service determines whether a user can print a policy-protected document, it uses the standard policy evaluation process and the access control mechanism that your content management system uses.As part of the policy evaluation process, the Rights Management service requires the identifier value of both the principal that is requesting access to the policy-protected document and the policy-protected document. After the Rights Management service receives these values, it generates a set of permissions. When an external authorization handler is registered with the Rights Management service, it passes the set of permissions to the external authorization handler. The external authorization handler can then add permissions to or remove permissions from the set of permissions.After an external authorization handler removes or adds permissions, it returns the set of permissions and an optional expiration date to the Rights Management service. The Rights Management service then creates a voucher that specifies the permissions that control access to a policy-protected document. If the voucher contains an expiration date, then the voucher is returned to the client, where it is stored and used. If the voucher located on the client has expired, the Rights Management service generates the appropriate permissions that control access to the policy-protected document.Although it is possible to completely replace the Rights Management service policy evaluation process with an external authorization handler, it is recommended that you use an external authorization handler in conjunction with the policy evaluation process.After you deploy a component to LiveCycle ES, you can use it to create a process using Workbench ES or you can invoke the component’s service using an invocation method. For example, you can invoke the service using the Java API. (See Introducing Invocation.)Note: An External Authorization Handler is a LiveCycle ES component. Before you create an External Authorization Handler, it is recommended that you become familiar with creating components. (See Creating Your First Component.)This section creates a Java class that corresponds to the PrintServiceSPISample.java file that can be located in the [install directory]\Adobe\LiveCycle8\LiveCycle_ES_SDK\samples\RightsManagement\ExternalAuthorization\Java\PrintOnce folder, where [install directory] is the LiveCycle ES installation location. As you are reading through this section, it is recommended that you also refer to this JAVA file.
| Programming with LiveCycle ES (LiveDocs) |
| Adobe LiveCycle ES Update 1 |
Send me an e-mail when comments are added to this page | Comment Report
Current page: http://livedocs.adobe.com/livecycle/8.2/programLC/programmer/help/000910.html