[Html2PdfConverter] PDF password protection?

[Html2PdfConverter] PDF password protection?

  
Forge Component
(48)
Published on 20 Mar by Guilherme Pereira
48 votes
Published on 20 Mar by Guilherme Pereira

Hi, is it possible to password-protect the generated PDF?

I have use case for bank email statement generation, nowadays it's a standard practice to password protect the emailed statement.

Thanks.

Solution

Hi Harlin,


It is not possible because wkhtmltopdf (the underlying library) does not support it. You could potentially do that extending the component to execute qpdf but you’d have to implement that functionality from scratch.


Hope it helps,

Guilherme



Solution

Harlin Setiadarma wrote:

Hi, is it possible to password-protect the generated PDF?

I have use case for bank email statement generation, nowadays it's a standard practice to password protect the emailed statement.

Thanks.

As Guilherme Pereira stated, you can't secure it directly. I had the same need so what I did was secure it myself by creating a token and passing it in:

1) When user requests a PDF, before sending them to the PDF page, generate a GUID and save in a table for this user.

2) Pass the GUID to the PDF page

3) In the preparation on the PDF page, check and validate the GUID. If invalid, redirect to the login page

4) For even more security, add a datestamp to the GUID token and when validating check that it is only say 30 seconds old

This worked for me.


Guilherme Pereira wrote:

Hi Harlin,


It is not possible because wkhtmltopdf (the underlying library) does not support it. You could potentially do that extending the component to execute qpdf but you’d have to implement that functionality from scratch.


Hope it helps,

Guilherme



Thanks, I will look into qpdf.

Any tips how to execute .exe file on host (Platform Server)?


Bruce Buttles wrote:

Harlin Setiadarma wrote:

Hi, is it possible to password-protect the generated PDF?

I have use case for bank email statement generation, nowadays it's a standard practice to password protect the emailed statement.

Thanks.

As Guilherme Pereira stated, you can't secure it directly. I had the same need so what I did was secure it myself by creating a token and passing it in:

1) When user requests a PDF, before sending them to the PDF page, generate a GUID and save in a table for this user.

2) Pass the GUID to the PDF page

3) In the preparation on the PDF page, check and validate the GUID. If invalid, redirect to the login page

4) For even more security, add a datestamp to the GUID token and when validating check that it is only say 30 seconds old

This worked for me.


Thanks, but I want to secure pdf sent via email, not an online pdf.

Harlin Setiadarma wrote:

Guilherme Pereira wrote:

Hi Harlin,


It is not possible because wkhtmltopdf (the underlying library) does not support it. You could potentially do that extending the component to execute qpdf but you’d have to implement that functionality from scratch.


Hope it helps,

Guilherme



Thanks, I will look into qpdf.

Any tips how to execute .exe file on host (Platform Server)?


You can analyze htmltopdf componente and the included extension module because it works by running an executable.


Cheers,

Guilherme