Access control and Tracking with Javelin/Sitelok
Access control to secured documents can be provided via username/password entry. Users ("members of the service") can be pre-registered (manually or via file upload) and passwords issued by the publisher to their own customers, or users can be allowed to self-register, e.g. as guests or for specific services. After entering their username and password they would then have access to the document or documents for which access permission has been granted. Login access can be automated and managed via a hidden link or iframe on your own site, if this is a a preferred option, thereby hiding the link and/or the login details from the end user
A screenshot of the basic "SubAdmin" user management facility is shown below, with more details and screenshots provided further down this page.
Access to a specific document or documents for a specific user is controlled by:
- providing the user with the specific URL for that document (directly or via a menu or via an iframe or page re-direction that has the link defined within it)
- defining whether the document itself is set for PUBLIC access (no login required) or PRIVATE access (Login required). Private access is defined and controlled by what Group or Groups of registered users are permitted to access that particular document. The Group setting for a converted document can be specified as ALL (the pre-defined default), which allows access by any logged in user, or restricted to a specific named Group, e.g. TEST01, as in the screenshot above. This Group name must be specified for the document in question - this can be enabled manually (by our team) or automatically based on the publisher's registered details - selection of the Group or Groups associated with a document is made via the FILES menu (File Management) facility for logged in Corporate and Enterprise users. If the registered user is assigned as a member of Group TEST01 then they will be permitted to view that document, otherwise access will not be permitted. See further the "Scenario" provided at the bottom of this page
- users can also be instantly enabled/disabled, and/or have date/time restrictions placed on their user group membership so that their access to documents assigned to those particular user groups automatically expires on a specified date
Groups are created by the overall System Administrator - in general this is carried out by our own team, depending on the service level you subscribe to. Each of your users can then be associated with the Group or Groups that you specify for them and as a result, will potentially have access to all documents that are members of that Group.
The screenshots below show some of the Javelin/Sitelok web-based administration facilities for publishers who wish to manage their own user registrations for access control. This is a session-based security facility, with many selectable options. The screens show (i) the main Dashboard and function menus, with details of registered users - this is the full User Management Dashboard - the reduced version illustrated above is provided for Corporate and Enterprise subscribers as standard (the full version is only available for dedicated private Enterprise systems); (ii) the Add User facility, where users can be manually registered one at a time, plus a screenshot of the Import Users facility. Importing of username/password lists and other user-related data is supported for fast loading of large userlists and is available as a bespoke service and for dedicated Enterprise services; and (iii) a screen showing some of the log file details that are collected - log data can be viewed and exported for separate analysis. More details about Javelin/Sitelok are available on request. The User Management section of the Javelin/Sitelok manual is available here - note that many advanced features of the user management software are only available for bespoke/managed service projects, typically handled via our WEBDOXX service. The facilities provided on our automated PDF2HTML5 service are a subset of those described in this extracted section of the manual. IMPORTANT: When adding a new user you must assign them membership of at least one of the usergroups that have been assigned to you in order for you to be able to edit and manage that user in the future. Ask us for assistance if you have an problems in setting up users and the associated usergroup membership.
The small icons to the left of each user entry in the screenshot below allow the following functions: Edit user, Email user, Delete user, and view user recent activity - as illustrated at the top of this page:
|The minimum requirement for importing from a text/csv file is: name,username,email (use these as a header row to map the file to the correct fields) - other fields, such as the password, enabled status and user group membership can be specified to be automatically created as part of the import process
The user management system includes features for self-registration by end users ("members"), amendment of user profiles by end users, guest access and more. These can be made available within the "members" area of the service to meet bespoke requirements as part of a broader project requirement.
This scenario shows how you can use the service to offer a subscription service to your own customers and control their access. This is just one scenario and others may be more appropriate depending on the way in which you decide to manage your target customers and the various documents you wish to make available on a subscription payment basis:
- A company called ABC Inc with 100 branches subscribes to your publication(s) service on March 1st 2019. The subscription is for 12 months. You register a single new user, abcuser, with a concurrency count of 100 devices and membership of your usergroup "ABC". You specify that their membership of the ABC usergroup is set to expire on 28th Feb 2020
- you upload the 2019 manual and set the user group for this publication to ABC via the FILE menu (file management facility)
- you provide ABC Inc with the link to your publication and the username and password for their organization (this could be more than one username/password of course, e.g. one for head office with 10 devices permitted, plus another for their 100 branches with perhaps 120 devices permitted - to allow for device changes in the branches). Note that the link could be provided via email or via your own website (and could be "hidden" on your site, with or without auto-login to the service, or even embedded on your site via an iframe).
- ABC Inc and their branch network use the service and all is fine, but then you issue the 2020 manual in January 2020. As with the 2019 manual you upload it, use the FILES menu to set the usergroup to ABC and let all your clients (including ABC Inc) know that a new version of the manual is available and provide them with the new links. ABC Inc is just one of these clients and they let their users/branches know the new link (or this is handled automatically via your own website links/iframe setup), and continue as before
- ABC Inc fail to pay for the next year's subscription and think they can continue using the service, but from 1st March 2019 they will not be able to because their usergroup membership has expired.
- Another subscriber, DEF Inc, say, has done exactly the same but subscribed in Jan 2019, does pay for the 2020 subscription so you change their group expiry date to 1st Feb 2021 and their users will be able to access the 2019 and 2020 manuals throughout the period to the end of their 2019/20 subscription
- ABC Inc relent and pay up - you amend their subscription expiry date and their access springs into life again for all their users and both versions of the manual
- In addition to the above, you can simply enable/disable any user at any time, for example if you detect misuse of the service or non-payment of a monthly subscription within a year' subscription window
Sessions and logins/logouts
The PDF2HTML5 service uses session IDs to identify logged in users. Whilst a browser is open and the user remains logged in, they can access the document or documents for which access has been enabled without repeatedly having to login for each document or after closing and opening tabs, UNLESS either they explicitly logout via a logout button, or a logout is forced upon them as a result of a timeout or programmatically generated logout event. A timeout occurs if there is no activity for 1200 seconds (20 minutes) or the web server overall session time is reached. With services hosted on our managed services via the webdoxx server these settings can be amended if required. It is also possibly to remotely force the current session to end as a programmatically generated logout event by accessing the service logout php function. Ask us for details if you think you need to use this facility.