Working with the Viewer > Customizing the Viewer > Configuration Options > Enabling Content Encryption |
This topic contains the following information:
The goal of content encryption is to provide an obscured transfer of data from the PCC Services to the client website, preventing unauthorized agents to discern the content being transmitted. Additional security can be enabled by configuring the client and server to communicate over the Secured Socket Layer (SSL), https protocol, rather than standard non-secure http protocol. In cases where this is not viable or enough protection, the content encryption adds a strong measure of privacy to the document content. When content encryption is enabled, the web data images and document text strings sent to the client will be encrypted and then decrypted by the Viewer.
This feature is not supported in IE8. |
Content encryption must be enabled in the Prizm Responsive Viewer and in the Prizm Services; it is disabled by default. Enabling content encryption in the viewer is straightforward and performed by an option passed to the viewer constructor or jQuery plugin. This process is documented below.
There are two options for enabling content encryption on the server:
These options are both documented below.
For the security conscious, toggling content encryption per viewing session is not permitted in the out of box product configuration. It must be explicitly allowed via the ServiceHost pcc.config file. |
Finally, it’s important to note it must be enabled or disabled on both the client and server, or unexpected behavior will occur. If encryption is enabled on the server but not for the viewer, then the content will not be rendered correctly. If encryption is enabled for the viewer but not on the server, then the content will not be encrypted during transit, however, it will be rendered correctly in the viewer.
In summary:
To enable Content Encryption follow the steps below:
Encrypted Transmission: Copy Code<!-- Indicates whether to encrypt pages which are sent to the client. --> <EncryptPageContent>true</EncryptPageContent>
Encrypted Transmission Copy Code < ViewingSessionPropertyPageContentEncryption>any</ ViewingSessionPropertyPageContentEncryption>
Example Copy Code viewingSessionProperties.pageContentEncryption = "enabled"; .... // Serialize document properties as JSON which will go into the body of the request string requestBody = serializer.Serialize(viewingSessionProperties); requestStream.Write(requestBody);
To enable encryption in the Viewer, provide encryption option in the viewerControlOptions parameter as follows so that the client can handle encrypted data:
Example |
Copy Code
|
---|---|
var viewerControlOptions = {documentIdentifier: ‘xxxx... ‘ imageHandler:’pcc.ashx’, . . . encryption : true }; $("#mydiv").pccViewer(viewerControlOptions); // returns PCCViewer.ResponsiveViewer instance with encryption enabled. |
Enabling the encryption will not work without setting the configuration parameter as described above. Also, if the Prizm Services configuration setting is either not set or the Prizm Services is not restarted, the data will arrive unencrypted. |
Refer to these topics for additional information:
To disable Content Encryption in the Prizm Services, follow the steps below:
Unencrypted Transmission: Copy Code<!-- Indicates whether to encrypt pages which are sent to the client. --> <EncryptPageContent>false</EncryptPageContent>
To disable encryption in the Viewer, use the Viewer's default behavior without providing the encryption option. By default, the Viewer sets the encryption value to 'false'. Should you wish to use the encryption in the viewerControlOptions parameter, set the encryption option to false as shown below:
Example |
Copy Code
|
---|---|
var viewerControlOptions = {documentIdentifier: ‘xxxx... ‘ imageHandler:’pcc.ashx’, . . . encryption : false }; |
Enabling/disabling the encryption will not work without appropriately setting the Prizm Services configuration. |