Although Apryse SDK offers an extension mechanism through which users can register custom security handlers, it also provides a standard security handler.
This built-in security handler is the Standard Security Handler (StdSecurityHandler). The Standard Security Handler supports two passwords:
A user password that permits a user to open and read a protected document only with whatever permissions the owner chose.
An owner password can grant a document owner free reign over what permissions are granted to users.
An application can also create its own implementation of SecurityHandler. For example, a custom SecurityHandler could perform user authorization requiring the presence of a hardware dongle or even feedback from a biometric system.
A Security Handler is used when:
A document is opened. The security handler must determine whether a user is authorized to open the file. It must also set up the RC4 decryption key used to decrypt the file.
A document is saved. The security handler must set up the RC4 encryption key and write security information into the PDF file's encryption dictionary.
A user tries to change a document's security settings. Note that the Standard Security Handler in Apryse SDK does not enforce a document's permissions. For example, it is possible to edit a document although document modification permission is not granted. Therefore, it is up to the application to respect PDF permissions.
The number of security handlers associated with a document change over time. When the document is first opened it isn't associated with any security handlers. When InitSecurityHandler (or InitStdSecurityHandler) is called on the document, that security handler is associated with the document. And when SetSecurityHandler is called on a document, that security handler is also associated with the document—albeit in a pending state until the document is saved. Until the document is saved with the new security handler, the old security handler rules the document's security.
Custom security
Besides providing full support for standard PDF security, Apryse SDK allows users to work with custom security handlers and proprietary encryption algorithms. For most use cases where the extra security of custom encryption is desired, it is recommended to use the Apryse Custom Security Handler . However, it is also possible to create a user-defined custom security handler by deriving a class from SecurityHandler and implementing its interface.