When a PDF document is protected with a security policy from LiveCycle ES or AEM Forms, it can only be opened by Adobe Reader. Here's what it looks like when you try to open it in another PDF viewer.
Microsoft Edge:
Firefox (internally uses PDF.js):
But I have seen secured PDF documents that in other viewers show customised content - e.g. instructions to download and install Adobe Reader. So there must be a way to add unprotected content to protected PDF files, which other PDF viewers will display. How can I do it?
Solved! Go to Solution.
I think you are talking about adding a Cover Page to policy protected documents [1]
[1] AEM forms * Add cover page to policy protected documents
Views
Replies
Total Likes
I am fairly certain, most 3rd party viewers do not support the security libraries required to view a policy protected document. You would need Acrobat Professional, Acrobat Reader, or Acrobat Reader mobile.There is supporting documentation here, on the architecture and clients supported at [1].
[1] Adobe Experience Manager Help | Document security offerings
Views
Replies
Total Likes
Correct, none of 3rd-part viewers will show the document content. But apparently you can add some unprotected content that will be displayed by 3rd-party viewers. While Adobe Reader does not display it and instead asks you to log in to AEM Forms.
Views
Replies
Total Likes
I believe you can leave the document's metadata unencrypted. This is an option when protecting the document.
Views
Replies
Total Likes
Yes, but I think what I'm talking about is not metadata. That's what I'm trying to figure out - what is it? Have a look here: How to display custom content in protected PDF files? - Stack Overflow . I posted screenshots of such document when opened by Adobe Reader and by 3rd-party viewer.
Views
Replies
Total Likes
I think you are talking about adding a Cover Page to policy protected documents [1]
[1] AEM forms * Add cover page to policy protected documents
Views
Replies
Total Likes
DarrenBiz Thank you so much! I really cannot thank you enough!
In my code, I literally replaced a call to .protectDocument() with a call to .protectDocumentWithCoverPage(), and everything worked out of the box.
DarrenBiz Maybe you could help me with something else please?
We use External Authorizer with AEM Forms, so as per documentation we implemented public class MyExternalAuthorizer implements ExternalAuthorizer { … }, which has a method @Override public ExternalAuthResultDTO evaluate(ExternalAuthDTO authDto) { … }. In the method, we create new instance of ExternalAuthResultDTO class and call .setPermissions() on it to apply permissions as needed if the user is allowed to view the document.
But if the user is not allowed to view the doc, we just return the instance of ExternalAuthResultDTO without setting any permissions. As a result, the user sees this in Adobe Reader:
Is there a way to customise this message?
Views
Replies
Total Likes
I haven't actually used the functionality that you are describing, but I took a quick look at the ExternalAuthResultDTO API and it has a method public void setAccessDeniedErrorMessage(java.lang.String accessDeniedErrorMessage) [1] . This looks like it should customise the error message that is returned if the user doesn't get any permissions set.
The method says it sets the error message during the evaluate() method so if you override this method (as you are) I expect you can set your own message to be returned.
[1] ExternalAuthResultDTO (AEM forms on JEE Java API Reference)
Views
Replies
Total Likes
Thanks DarrenBiz, I do not know how I missed that method! Unless it was not there yet when I developed the External Authorizer, it was 3 years ago.
Unfortunately it did not work, calling the method did not change the error message in Adobe Reader. But at least now I have something to go to Adobe support with.
Views
Replies
Total Likes