Skip to main content

Password Protection

  • 4 minutes to read

The PDF Viewer control has built-in support for password-protected PDF document files encrypted with the RC4 or AES algorithm. The OpenDocument end-user command or a LoadFromFile procedure call invokes the “Enter Password“ dialog to prompt a user to enter a password required to open a protected document.

The control loads the document if the specified password is correct. Otherwise, the “Enter Password” dialog appears again, up to the allowed number of attempts. An exception occurs once the last attempt fails.

Note that a user can execute the OpenDocument command again to load the same file after the last failed attempt. You can set the PDF Viewer control’s PasswordAttemptsLimit property to 0 to remove the restriction on the number of attempts.

If you need to load a password-protected PDF document without end-user interaction, handle the PDF Viewer’s OnGetPassword event and assign the required password to the Password parameter in an event handler:

function TMyForm.dxPDFDocumentGetPassword(Sender: TObject; var Password: string): Boolean;
begin
  Password := '123';  // Specifies the password required to open a file
  Result := True;  // Confirms the protected PDF document load operation
end;

How to Protect a Document with a Password

You can protect a PDF document with a user and owner password. The user password prevents unauthorized access to a document and imposes restrictions on various actions. The optional owner password allows a user to work with a document without limitations.

To encrypt a document and enforce password protection, assign a password to a PDF document container’s SecurityOptions.UserPassword property and set the SecurityOptions.Enabled property to True. A subsequent SaveToFile or SaveToStream procedure call protects the saved document.

var
  ADocument: TdxPDFDocument;
  ADataPath: string;
begin
  ADataPath := TPath.GetDirectoryName(Application.ExeName) + '\Data\';
  ADocument := TdxPDFDocument.Create;  // Creates a PDF document container
  try
    ADocument.LoadFromFile(ADataPath + 'source.pdf');  // Loads a source PDF file
    ADocument.SecurityOptions.Enabled := True;  // Enables document encryption
    ADocument.SecurityOptions.Algorithm := eatRC128Bit;  // Selects the Rivest Cipher 4 encryption algorithm with a 128-bit key
    ADocument.SecurityOptions.Permissions := ADocument.SecurityOptions.Permissions - [pdpAllowPrint, pdpAllowPrintHighResolution, pdpAllowCopyContent, pdpAllowExtractContent];  // Removes all content print and copy permission flags
    ADocument.SecurityOptions.OwnerPassword := 'owner';  // Sets the owner access password
    ADocument.SecurityOptions.UserPassword := 'user';  // Sets the user access password
    ADocument.SaveToFile(ADataPath +'protected.pdf', True);  // Saves the protected document to a different file
  finally
    ADocument.Free;  // Releases the document container to free up reserved memory
end;

Limitations

The current implementations of the PDF Document container’s SaveToFile and SaveToStream procedures cannot use the Advanced Encryption Standard (AES) algorithm and raises an exception if the SecurityOptions.Algorithm property is set to eatAES and the SecurityOptions.Enabled property is set to True. Note that all document load methods can open documents encrypted with the AES algorithm.

See Also