A very very determined user can also find a way to intercept the stream going to the applet in the browser and make a copy of it, so the stream would need to be encrypted, however since the applet needs to decode it, it will need to have the key, which imples that a very^3 user could decompile the applet and pull it out.
So I agree with Peter, basically by sending the document to thier computer you are giving them the document. This problem is better solved with wetware policy. If you don't trust them, don't give them the documents. Computers and the Internet are NOT there to give you additional control over people (despite Micro$oft$ EULA). In fact to my thinking the opposite is true. They are there to give all people more power and freedom. > -----Original Message----- > From: Peter Dolukhanov [SMTP:[EMAIL PROTECTED]] > Sent: 01 November 2002 11:40 > To: [EMAIL PROTECTED] > Subject: Re: Document Security > > I think that this is almost an impossible task. The only near > conceivable way, is perhaps by containing the information within a Java > Applet on your page. This would require a Java PDF reader, which would > then access the file from an undisclosed location, without any options > to save or print. But a very determined user could take screen shots and > print those out. So, you can try to control access in a very round-about > way, but I don't think you can ever fully prevent unwanted access. > > Regards, > Peter Dolukhanov > > -----Original Message----- > From: A mailing list about Java Server Pages specification and reference > [mailto:JSP-INTEREST@;JAVA.SUN.COM] On Behalf Of Vibha Jindal > Sent: 01 November 2002 05:20 > To: [EMAIL PROTECTED] > Subject: Document Security > > Hi, > > This is off-topic, but I would appreciate if someone can guide me... > > I have certain documents, say pdf, on the server, and I want to allow > certain users to access my documents and view them... > The user should not be able to save, print etc. the document. > Also, he should not be able to use/manipulate the temporary file that is > created. > > Can someone please guide me? > > Thanks & Regards, > Vibha > > ======================================================================== > === > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff > JSP-INTEREST". > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST > DIGEST". > Some relevant FAQs on JSP/Servlets can be found at: > > http://archives.java.sun.com/jsp-interest.html > http://java.sun.com/products/jsp/faq.html > http://www.esperanto.org.nz/jsp/jspfaq.jsp > http://www.jguru.com/faq/index.jsp > http://www.jspinsider.com > > ========================================================================== > = > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff > JSP-INTEREST". > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST > DIGEST". > Some relevant FAQs on JSP/Servlets can be found at: > > http://archives.java.sun.com/jsp-interest.html > http://java.sun.com/products/jsp/faq.html > http://www.esperanto.org.nz/jsp/jspfaq.jsp > http://www.jguru.com/faq/index.jsp > http://www.jspinsider.com -- It is the strict policy of Truworths that its e-mail facility and all e-mail communications emanating therefrom, should be utilised for business purposes only and should conform to high professional and business standards. Truworths has stipulated certain regulations in terms whereof strict guidelines relating to the use and content of e-mail communications are laid down. The use of the Truworths e-mail facility is not permitted for the distribution of chain letters or offensive mail of any nature whatsoever. Truworths hereby distances itself from and accepts no liability in respect of the unauthorised use of its e-mail facility or the sending of e-mail communications for other than strictly business purposes. Truworths furthermore disclaims liability for any unauthorised instruction for which permission was not granted. Truworths Limited accepts no liability for any consequences arising from or as a result of reliance on this message unless it is in respect of bona fide Truworths business for which proper authorisation has been granted. Any recipient of an unacceptable communication, a chain letter or offensive material of any nature is requested to notify the Truworths e-mail administrator ([EMAIL PROTECTED]) immediately in order that appropriate action can be taken against the individual concerned. =========================================================================== To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
