How it works

When used for ScriptX.Services On Premise or ScriptX Server, the license is installed on the server device and when used with an application the license is always processed without any intervention from the user.

When utilised within a browser, MeadCo's Security Manager works like this

  1. Development
    • Reference Security Manager on the HTML page.
    • Provide the detail of the MeadCo publishing license: where it can be downloaded from, its GUID and revision.
  2. Run-time

    The license file is downloaded, verified and code on the HTML Page can enquire on claims provided by the license.

Development

ScriptX.Add-on

MeadCo's Security Manager component is installed on the user's machine as part of the ScriptX.Add-on installation process.

The Security Manager add-on is embedded into a page of web content by the page author. It references the MeadCo publishing license which has been issued to the publisher of the document, and which is located on the publisher's web server.

GUID
Your unique MeadCo publishing license provided by MeadCo.
Path
The location of the license file (.mlf).
Revision
The current revision of the license. If this value is later than the currently cached license the the download will be forced - in otherwords this is the means to ensure a valid updated license is used.
PerUser
For those who remember the days of Windows 98 or Windows 2000 everything was installed as "administrator" and this was a default in ScriptX too until ScriptX 7. This parameter forced the use of 'PerUser' acceptance of licenses when the value is "true", but this has been the default since ScriptX 7 and so the value of "false" is required to force 'per machine' acceptance of the license. On Windows XP and later this will give rise to an elevation prompt.
ScriptX.Services for Windows PC

The license to use must be passed to the service by an Ajax POST call to the the service license API.

This can be done with your own Ajax code, or if the  ScriptX.Services Client Library is being used then one of a number of approaches may be taken.

Call the appropriate API:

First include the library, for example from a CDN:

<script src="//cdn.jsdelivr.net/npm/scriptxprint-html@1.6.2/dist/meadco-scriptxservices.min.js"></script>

 

The libraries implement an API that wrap passing the required license details to the service:

or, as synchronous behaviour is deprecated in all browsers, use an asynchronous connection to the server with a callback function to be called when the server connection is completed. Asynchronous initialisation does not block the browser UI.

The API calls must occur in the order illustrated as the license must be available before the HTML.connect() call can succeed.

Use attributes

The attributes can be applied to any script element on the page, but logically belongs with including the  ScriptX.Services Client Library

data-meadco-license
Your unique MeadCo publishing license provided by MeadCo. The presense of this attribute signals to the library that ScriptX.Services for Windows PC is being used, rather than for Cloud or for On Premise Devices.
data-meadco-server
The url to the ScriptX.Services for Windows PC server. Typically this value is http://127.0.0.1:41191
data-meadco-license-path
The location of the license file (.mlf). The special value "warehouse" signifies the license should be downloaded from the MeadCo Licenses store on the public internet (https://licenses.meadroid.com ).
data-meadco-license-revision
The current revision of the license. If this value is later than the currently cached license the the download will be forced - in otherwords this is the means to ensure a valid updated license is used.
data-meadco-syncinit
Default true. If false then asynchronous calls are made to the server to verify and if required download and cache the license.

License Processing

The first time a user accesses a document that uses a particular license, as uniquely identified by its GUID, Security Manager 'looks' for (downloads) a valid .MLF publishing license file and checks these three parameters:

  • Is the root URL from on or under which the content is being served identical to one whose address is bound into the license?
  • Is the license current, or has it expired?
  • Has the license been properly signed with a valid signing certificate? (Confirmation that the license file itself is original and intact, as issued).

If Security Manager can confirm all three checks, then the license containing details of the publisher and the publisher's domain(s) -- together with the control(s) and other functions it may verify -- is presented to the user for acceptance.

Accept License

Naturally it is for the user to chose whether or not to trust the publisher and agree or decline to accept the licensed content ... but such comprehensive validation by Security Manager has been proved to make acceptance much more likely.

Once accepted, the license is stored locally and the license file is not downloaded again until the license needs to be updated due to some reason such as expiry or change in permissions.

ScriptX.Services for Windows PC

If you re-use a ScriptX.Add-on license and the license has not already been accepted then a blocking dialogue will be created and the user asked to approve that ScriptX.Services for Windows PC can be used by content delivered from the domains listed in the license. The dialogue may not be obvious and for this reason we recommend an upgrade to the license to enable silent use which by-passes the need for a dialog.

All licenses purchased for use with ScriptX.Services for Windows PC have silent use enabled.

Errors

If Security Manager cannot find a valid publishing license, or if any of the three security requirements are not met, then the user is informed accordingly and any functionality requiring a license will not work. For example, the following dialog is displayed when a license has expired:

Expired License

MeadCo's user-centric publishing licenses have proved to be 100% functional and secure over ten+ years of wide-scale corporate deployment.

License revisions

A license may be revised for a number of reasons, for example, it has been renewed or new licensed URLs added, or the license URLs changed.

Whenever a license is revised, its revision number is incremented. The revision number is included as a parameter to the Security Manager component and will force the download of the revised license.

The unique indentifier for a license (its GUID) is never changed so, if a user has already accepted a license that has been revised then the (downloaded) license will not be displayed again for them to accept. The revised license will be cached in the registry automatically. Please note that if a license is removed from the machine and then referenced, the user will be asked to accept it.

Silent installation of a license

The silent license installation option minimises support calls by auto-installing licenses within the enterprise, without the need for the user to become involved; there is no prompt to accept the license.

The silent license installation option is a cost option and should be chosen when you order a license.