SECURITY MANAGER TECHNICAL DATA
Copyright 1998 - 2010 Mead & Co Limited
feedback@meadroid.com

~ Lifetime Management ~

The Security Manager object:

Security Manager is a non-visual object and should be instantiated in the <HEAD> or <BODY>section of a document as early as possible. Here is an example of a Security Manager object which validates ScriptX's advanced printing:

<!-- MeadCo Security Manager -->
<OBJECT ID="secmgr"
  CLASSID="CLSID:5445be81-b796-11d2-b931-002018654e2e"
  codebase="smsx.cab#Version=6,5,439,65">
  <param name="GUID" value="{unique value assigned by MeadCo}">
  <param name="Path" value="sxlic.mlf">
  <param name="Revision" value="0">
</OBJECT>
Note that the only parameters taken by the Security Manager object are the Globally Unique ID of the publishing license (which is issued by Mead & Company), the relative or absolute path to the .MLF license file itself, and a Revision value.

About the .MLF license file:

The unique attributes of each publishing license are written out as XML and 'wrapped' in a container which is then signed by Mead & Company's own Verisign keys. Security Manager checks the validity of that signing, and if it is found to be corrupt (i.e. if the contents of the license file have been changed or tampered with) then Security Manager will warn the user and not allow the protected content to be run.

Here is an example of an MLF file with all tags and attributes shown:
<LICENSE GUID="{66dad620-f085-11d2-b933-002018654e2e}"
   PUBLISHER="Mead & Company"
   URL="http://www.meadroid.com/"
   FROM="1/1/1999" TO="1/2/2007"
   REVISION="0"
   AUTO="false">
   <TITLE INFO="info.htm"
	  URL="http://www.meadroid.com/superapp/intro.htm"><b>Super</b> App</TITLE>
   <DOMAINS ZONES="7" SUBDIRS="true">
      <DOMAIN ZONES="1" NAME="file://{mapping}"/>
      <DOMAIN NAME="http://local-server/"/>
      <DOMAIN SUBDIRS="false" NAME="http://www.public-server.com/superapp/"/>
   </DOMAINS>
   <PERMISSION XACCESS="true" BROWSER="true" SHELLEXEC="false" PRINTING="true">
      <!-- DHTML Edit -->
      <OBJECT CLASSID="{2d360200-fff5-11d1-8d03-00a0c959bc0a}"/>
   </PERMISSION>
</LICENSE>
Key to MLF tags and attributes:

<LICENSE> General license information. Contains <TITLE>, <DOMAINS> and <PERMISSION>. Attributes are: <TITLE> Information on the web application (if appropriate) licensed by SM. The inner text of the <TITLE> container is the name of the product title. Attributes are: <DOMAINS> The requested domain(s) to which the content will be bound. Contains zero or any number of <DOMAIN> tags. Attributes (which define the default values for the inner <DOMAIN> tags) are: <DOMAIN> A single domain. Attributes are: <PERMISSION> The objects and system access that this license is asking a user to accept. Contains zero or any number of <OBJECT> tags. Attributes are: <OBJECT> A single, potentially 'unsafe' ActiveX object to bind to the requested domain(s). Attributes are:

Important Note:

Above we list details of all current MLF tags and attributes to indicate the power and potential of Security Manager's publishing license schema. Please note, though, that none of these tags or attributes can be directly modified by a licensee. Each SM-based publishing license is generated individually to meet the specific requirements of a named customer, and is signed before issue with Mead & Company's own Verisign keys. As such, each license is unique and inherently secure.


        SM technical data
        Copyright 1998 - 2010 Mead & Co Limited

Contact us at:  feedback@meadroid.com