Introduction

The Security Manager Object

How it works

Testing for a valid license

License Expiry

Deploying a license revision

About the .MLF License File

How it works

When used for server side/remote printing, the license is pre-installed and when used with an application the license is always processed without any intervention from the user.

MeadCo's Security Manager works like this when utilised within a browser:

Internet Explorer

MeadCo's Security Manager component is installed on the user's machine as part of the ScriptX installation process.

The Security Manager add-on is embedded into a page of web content by the page author. It references the MeadCo publishing license which has been issued to the publisher of the document, and which is located on the publisher's web server.

<!-- MeadCo Security Manager -->
<object id="secmgr" style="display:none"
 classid="clsid:5445be81-b796-11d2-b931-002018654e2e"
 codebase="http:// [your path here]/smsx.cab#Version=8,3,0,4
">
 <param name="GUID" value="{YOUR_LICENSE_GUID}" />
 <param name="Path" value=http://[your path here]/sxlic.mlf />
 <param name="Revision" value="[YOUR_LICENSE_REVISION]" />
 <param name="PerUser" value="true" />
</object>

ScriptXtra

MeadCo's Security Manager component is included in the NPAPI compatible browser plugin. The plugin is authored on a document with the <embed /> tag and attributes of that tag reference the MeadCo publishing license which has been issued to the publisher of the document, and which is located on the publisher's web server:

<embed width="100%" height="100%"
  type="application/x-meadco-scriptxtra-ax"
  href="http://mywebapp/login.aspx" 
  LicenseGUID="{YOUR_LICENSE_GUID}"
  LicensePath="http://[your path here]/sxlic.mlf"
  LicenseRevision="[YOUR_LICENSE_REVISION]"
  LicensePerUser="true"
 />

License Processing

The first time a user accesses a document that uses a particular license, as uniquely identified by its GUID, Security Manager 'looks' for (downloads) a valid .MLF publishing license file and checks these three parameters:

  • Is the root URL from on or under which the content is being served identical to one whose address is bound into the license?
  • Is the license current, or has it expired?
  • Has the license been properly signed with a valid signing certificate? (Confirmation that the license file itself is original and intact, as issued).

If Security Manager can confirm all three checks, then the license containing details of the publisher and the publisher's domain(s) -- together with the control(s) and other functions it may verify -- is presented to the user for acceptance.

Accept License

Naturally it is for the user to chose whether or not to trust the publisher and agree or decline to accept the licensed content (except in the special 'silent' case of corporate intranet content) ... but such comprehensive validation by Security Manager has been proved to make acceptance much more likely.

Once accepted by the user, the license is stored locally and the license file is not downloaded again until the license needs to be updated due to some reason such as expiry or change in permissions.

If Security Manager cannot find a valid publishing license, or if any of the three security requirements are not met, then the user is informed accordingly and any functionality requiring a license will not work. For example, the following dialog is displayed when a license has expired:

Expired License

MeadCo's user-centric publishing licenses have proved to be 100% functional and secure over ten+ years of wide-scale corporate deployment.

License revisions

A license may be revised for a number of reasons, for example, it has been renewed or new licensed URLs added, or the license URLs changed.

Whenever a license is revised, its revision number is incremented. The revision number is included as a parameter to the Security Manager component and will force the download of the revised license.

The unique indentifier for a license (its GUID) is never changed so, if a user has already accepted a license that has been revised then the (downloaded) license will not be displayed again for them to accept. The revised license will be cached in the registry automatically. Please note that if a license is removed from the machine and then referenced, the user will be asked to accept it.

Silent installation of a license

The silent license installation option minimises support calls by auto-installing licenses within the enterprise, without the need for the user to become involved; there is no prompt to accept the license.

The silent license installation option is a cost option and should be chosen when you order a license.