简体繁体 English

如何使用用户名和密码保护PDF？

[英]How to protect a PDF with a username and password?

原文 2014-05-01 06:18:17 8 1 php/ pdf/ password-protection/ copy-protection

I think this is a bit complicated and probably impossible, but it would be helpful to know if there is any way to do it... 我认为这有点复杂并且可能是不可能的，但是了解是否有任何方法可以这样做……

Let's say I have a private teaching forum, where each user (paid account) has a username and an encrypted password, and there's a DOWNLOAD section where pdf files can be downloaded by users only. 假设我有一个私人教学论坛，其中每个用户（付费帐户）都有一个用户名和一个加密密码，还有一个“下载”部分，其中pdf文件只能由用户下载。

Here's the question: When the file is downloaded, it will be protected by username and password/ password only that match with the username and password of the user himself... in other words, the password is taken from the user's account and added to the pdf file, then a download link is generated for that file. 问题是：下载文件时，该文件将仅受与用户本人的用户名和密码匹配的用户名和密码/密码保护...换句话说，该密码是从用户帐户中获取并添加到pdf文件，然后为该文件生成下载链接。

This way, copying the pdf file to others would force the "copier" to give out his username and password... 这样，将pdf文件复制给其他人将迫使“复印机”提供他的用户名和密码...

EDIT : the password is for OPENING the file not editing or printing it, I want users to be able to highlight the text and add their own notes 编辑：密码用于打开文件而不是编辑或打印文件，我希望用户能够突出显示文本并添加自己的注释

1 个解决方案

You can't achieve what you want with PDF. 使用PDF无法实现所需的功能。

There are two ways to encrypt a PDF document: 有两种方法来加密PDF文档：

Using passwords. 使用密码。 You can define two passwords: a user password and an owner password. 您可以定义两个密码： 用户密码和所有者密码。 A document that is encrypted with an owner password can be opened by every one who receives the document. 每位收到文档的人都可以打开使用所有者密码加密的文档。 The owner password is there to define permissions (for instance: the document can be viewed, but not printed). 所有者密码可用于定义权限（例如：可以查看但不能打印文档）。 Removing the restrictions without knowing the owner password is fairly easy. 在不知道所有者密码的情况下删除限制非常容易。 It used to be illegal when Adobe still owned the copyright on the PDF reference, but since PDF is now an ISO standard, it's not entirely clear if applying the spec to remove the owner password is allowed. 当Adobe仍然拥有PDF参考文献上的版权时，它曾经是非法的，但是由于PDF现在是ISO标准，因此尚不清楚是否允许应用规范删除所有者密码。 If a document is encrypted using a user password, everybody who knows the user password can open the file. 如果使用用户密码对文档进行加密，则知道用户密码的所有人都可以打开该文件。 There is no username, only a user password. 没有用户名，只有用户密码。
Using certificates. 使用证书。 You could ask your users to create a public/private key pair. 您可以要求您的用户创建一个公钥/私钥对。 You could then ask them to keep their private key private and ask them to give you their public key. 然后，您可以要求他们将私钥保持私密，并要求他们给您公钥。 When you encrypt your PDF using their public certificate, you can then encrypt the document with their public key. 当使用他们的公共证书加密PDF时，您可以使用他们的公共密钥加密文档。 From that moment on, only the owner of the corresponding private key can read the document. 从那时起，只有相应私钥的所有者才能阅读文档。 However: the owner of the corresponding private key can also decrypt the document so that it can be shared. 但是：相应私钥的所有者也可以解密文档，以便可以共享它。

Neither of both cases serve your purpose (read ISO-32000-1 for the full details). 两种情况都不符合您的目的（有关详细信息，请阅读ISO-32000-1）。 The only alternative is to buy an expensive DRM solution. 唯一的选择是购买昂贵的DRM解决方案。