How to display custom unprotected content in protected PDF files?

AndrewS1 14-08-2018

When a PDF document is protected with a security policy from LiveCycle ES or AEM Forms, it can only be opened by Adobe Reader. Here's what it looks like when you try to open it in another PDF viewer.

Microsoft Edge:


Firefox (internally uses PDF.js):


But I have seen secured PDF documents that in other viewers show customised content - e.g. instructions to download and install Adobe Reader. So there must be a way to add unprotected content to protected PDF files, which other PDF viewers will display. How can I do it?

Answers (8)

Answers (8)

AndrewS1 20-08-2018

DarrenBiz​ Thank you so much! I really cannot thank you enough!

In my code, I literally replaced a call to .protectDocument() with a call to .protectDocumentWithCoverPage(), and everything worked out of the box.

AndrewS1 22-08-2018

Thanks DarrenBiz, I do not know how I missed that method! Unless it was not there yet when I developed the External Authorizer, it was 3 years ago.

Unfortunately it did not work, calling the method did not change the error message in Adobe Reader. But at least now I have something to go to Adobe support with.

DarrenBiz 22-08-2018

I haven't actually used the functionality that you are describing, but I took a quick look at the ExternalAuthResultDTO API and it has a method public void setAccessDeniedErrorMessage(java.lang.String accessDeniedErrorMessage) [1] . This looks like it should customise the error message that is returned if the user doesn't get any permissions set.

The method says it sets the error message during the evaluate() method so if you override this method (as you are) I expect you can set your own message to be returned.

[1] ExternalAuthResultDTO (AEM forms on JEE Java API Reference)

AndrewS1 21-08-2018

DarrenBiz​ Maybe you could help me with something else please?

We use External Authorizer with AEM Forms, so as per documentation we implemented public class MyExternalAuthorizer implements ExternalAuthorizer { … }, which has a method @Override public ExternalAuthResultDTO evaluate(ExternalAuthDTO authDto) { … }. In the method, we create new instance of ExternalAuthResultDTO class and call .setPermissions() on it to apply permissions as needed if the user is allowed to view the document.

But if the user is not allowed to view the doc, we just return the instance of ExternalAuthResultDTO without setting any permissions. As a result, the user sees this in Adobe Reader:


Is there a way to customise this message?

AndrewS1 20-08-2018

Yes, but I think what I'm talking about is not metadata. That's what I'm trying to figure out - what is it? Have a look here: How to display custom content in protected PDF files? - Stack Overflow . I posted screenshots of such document when opened by Adobe Reader and by 3rd-party viewer.

AndrewS1 20-08-2018

Correct, none of 3rd-part viewers will show the document content. But apparently you can add some unprotected content that will be displayed by 3rd-party viewers. While Adobe Reader does not display it and instead asks you to log in to AEM Forms.


I am fairly certain, most 3rd party viewers do not support the security libraries required to view a policy protected document. You would need Acrobat Professional, Acrobat Reader, or Acrobat Reader mobile.There is supporting documentation here, on the architecture and clients supported at [1].

[1] Adobe Experience Manager Help | Document security offerings