newObjects Active Label Security settings

The Active Label security settings cannot be changed programmatically. This is intentional, if they were this would mean that any program would be able to change them and thus override them. The settings are accessible only through the Security property page in the general settings dialog (which can be shown by calling the VisiLabel.ShowProperties method).

The settings are kept into the registry:
Key: HKEY_LOCAL_MACHINE\Software\newObjects\ActiveLabel
Value(DWORD): SecurityLevel
Depending on the user's privileges the settings are saved in the HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER or in the HKEY_CURRENT_USER only. Thus the administrators are able to set security level for all the users. The value is checked in this order:
the ActiveX first checks the HKEY_CURRENT_USER, if the value is not there it is read from the HKEY_LOCAL_MACHINE. If the value is not found anywhere the Medium level is assumed (value 1).

The levels are 0 - Low, 1 - Medium, 2 - High

Effect of the security level:

Level Low (0): All the upload operations are silently permitted. Unattended printing (to the default printer) is also silently permitted.
Level Medium (1): All the upload operations to sites listed in the privileged sites are silently permitted. Uploads to other sites invoke a pop-up dialog asking the user for permission. The unattended printing attempts invoke pop-up dialog asking for permission as well.
Level High (2): All the upload operations to sites listed in the privileged sites are silently permitted. Upload attempts to other sites are silently forbidden - no indication is shown, wherever the methods/properties invoking them can return errors an error is returned. Unattended printing is also forbidden.

The privileged sites:

Remark: Below we use the term protocol to refer to any asynchronous pluggable protocol installed on the machine. You can read a short explanation about what this is in How to Download and Upload

Through this dialog the user can add list of sites to which upload is always permitted no matter the security level. To add a site you need to add only the beginning of the URL. For example by adding http://server/path/path1 you allow upload to any URL under this one - http://server/path/path1/path2/script.asp or http://server/path/path1/script2.asp etc. To add an entire site add its URL up to the server name for example It is also possible to add all the URL for a given protocol. 

The local protocols - i.e. the protocols that do not use network are always permitted and this do not need to be listed in the privileged sites list. For example you do not need to list alp://C:/myapp/script.asp in order to upload to it because ALP is local protocol that acts in HTTP like manner but only on the local machine. However, you should know that some custom local protocols that allow upload are not declared as such and you may need to list them or certain sites reached through them in order to work with them. This concerns only custom 3-d party protocols you may obtain only by explicitly installing certain software products from vendors other than us and Microsoft, as the documentation may not include a clear statement it is recommended to perform a test in order to determine if the protocol is declared as local. To do so change the security to medium and try to upload through the protocol, if a query permission dialog appears then the protocol is not declared as local.




newObjects Copyright 2001-2006 newObjects [ ]