Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

pdf being opened in case of invalid password | livecycle server

Avatar

Level 1

Hi,

I am working on a project which requires pdfs to be password protected. I am securing these pdfs using livecycle server. Now, when authenticated cq user logs in then while opening pdf livecycle server asks for username and password but the pdf is being opened in case of invalid password as well.

We have following scenarios:

1) Invalid username -PDF not opening

2) Invalid password - PDF is being open

Please provide help

1 Accepted Solution

Avatar

Correct answer by
Level 8

I need more information, as mentioned above it would be helpful to know what you're doing to protect the document.  LiveCycle Rights Management prompts for a userid/password otherwise the server is not requesting a password it's the PDF viewer that challenges for a userid/password.  Are you using an Adobe Reader/Acrobat to view the document or is another product being utilized?  Rights Management will not allow any other application to view the document, using document based password protection is less secure and other applications may bypass that security.

View solution in original post

4 Replies

Avatar

Level 10

Are you using the LiveCycle ES Encryption service to encrypt the PDF with a password? Once you do so -- you should not be able to open the PDF and view it without specifying the correct password. 

Avatar

Correct answer by
Level 8

I need more information, as mentioned above it would be helpful to know what you're doing to protect the document.  LiveCycle Rights Management prompts for a userid/password otherwise the server is not requesting a password it's the PDF viewer that challenges for a userid/password.  Are you using an Adobe Reader/Acrobat to view the document or is another product being utilized?  Rights Management will not allow any other application to view the document, using document based password protection is less secure and other applications may bypass that security.

Avatar

Level 1

yes I am using PDF viewer. But, the password prompt is from LiveCycle when we choose to view PDFs in Adobe Reader. The prompt asks for user-id and password but opens PDFs in case of invalid password as well. I found out that it was because we are not saving users password in LiveCycle server. But, if we want to then should we create passwords for all users defined in CQ and then check against LiveCycle passwords or is there any way in which LiveCycle can check for password from CRX only as the user viewing the PDFs is an authenticated CQ user who has logged into the website. Whats the best approach? To have LiveCycle server to check password from CQ or storing it in LiveCycle server itself.

Avatar

Level 8

This is confusing to me, can you open one of the protected PDFs and go to File>Properties and click the security tab and let me know what it says beside Security Method?