Access control and Tracking with Javelin/Sitelok

Access control to secured documents can be provided via username/password entry. Users ("members of the service") can be pre-registered (manually or via file upload) and passwords issued by the publisher to their own customers, or users can be allowed to self-register, e.g. as guests or for specific services. After entering their username and password they would then have access to the document or documents for which access permission has been granted. A screenshot of the basic "SubAdmin" user management facility is shown below, with more details and screenshots provided further down this page.


Access to a specific document or documents for a specific user is controlled by:

  • providing the user with the specific URL for that document (directly or via a menu or via an iframe or page re-direction that has the link defined within it)
  • defining whether the document itself is set for PUBLIC access (no login required) or PRIVATE access (Login required). Private access is defined and controlled by what Group or Groups of registered users are permitted to access that particular document. The Group setting for a converted document can be specified as ALL (the pre-defined default), which allows access by any logged in user, or restricted to a specific named Group, e.g. TEST01, as in the screenshot above. This Group name must be specified for the document in question - this can be enabled manually (by our team) or automatically based on the publisher's registered details - selection of the Group or Groups associated with a document is made via the FILES menu (File Management) facility for logged in Corporate and Enterprise users. If the registered user is assigned as a member of Group TEST01 then they will be permitted to view that document, otherwise access will not be permitted
  • users can also be instantly enabled/disabled, and/or have date/time restrictions placed on them so that their access to any facilities automatically expires on a specified date

Groups are created by the overall System Administrator - in general this is carried out by our own team, depending on the service level you subscribe to. Each of your users can then be associated with the Group or Groups that you specify for them and as a result, will have access to all documents that are members of that Group.

The screenshots below show some of the Javelin/Sitelok web-based administration facilities for publishers who wish to manage their own user registrations for access control. This is a session-based security facility, with many selectable options. The screens show (i) the main Dashboard and function menus, with details of registered users - this is the full User Management Dashboard - the reduced version illustrated above is provided for Corporate and Enterprise subscribers as standard (the full version is only available for dedicated private Enterprise systems); (ii) the Add User facility, where users can be manually registered one at a time, plus a screenshot of the Import Users facility. Importing of username/password lists and other user-related data is supported for fast loading of large userlists and is available as a bespoke service and for dedicated Enterprise services; and (iii) a screen showing some of the log file details that are collected - log data can be viewed and exported for separate analysis. More details about Javelin/Sitelok are available on request.

The small icons to the left of each user entry in the screenshot below allow the following functions: Edit user, Email user, Delete user, and view user recent activity - as illustrated at the top of this page:


The user management system includes features for self-registration by end users ("members"), amendment of user profiles by end users, guest access and more. These can be made available within the "members" area of the service to meet bespoke requirements as part of a broader project requirement.

The default service arrangement permits multiple logins on the same username/password, with all logins events tracked. Unique (non-concurrent) service access can be provided via our managed service,, using a dedicated user management database and console. Note that the concept of concurrent and non-concurrent logins is far from straightforward in a web-based application environment, as in almost all cases users do not log out of a service they simply exit the browser or current tab, or just leave themselves logged in. The Javelin/Sitelok system with non-concurrent logins works in a similar manner to banking systems and if a second valid login is made, e.g. on a separate device, the first login event is automatically logged out.