JP2006163696A - Proxy server device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a proxy server device for disclosing only files and folders that may be opened to the outside accumulated in a device connected to an intranet. <P>SOLUTION: The proxy server device 1 comprises a file extraction means for extracting files conforming to the conditions of a file registered at a table T1 from the tables T1, T2 for registering the conditions of a file permitting an access and the position information of a device 4 or 6 or a folder in a LAN 2 for permitting an access and a file stored in the device or folder of position information registered at the table T2; and a transmitting means for generating Web pages W1, W2 for describing a URL for accessing the extracted file and transmitting them to the request source other than LAN for requesting an access to the file in LAN. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a proxy server device that accepts access from outside a LAN (local area network) on behalf of a device in the LAN.

  In recent years, network multifunction devices having a plurality of functions such as a facsimile communication function, a network printer function, and a copying function have become widespread. Some of these network multifunction peripherals can store an original image file transmitted / received by facsimile communication, an original image file read by a scanner, and the like, and allow a client PC to browse the image file. There is also a network multifunction device that can store image files stored in its own device in a plurality of folders.

  Files stored in the network multifunction device are not supposed to be viewed on a client PC on an in-house network (in-house LAN) and released outside the company. Of course, it is possible to make it public.

Many network multifunction peripherals currently used or on the market are premised on use in an in-house network, and have a weak security mechanism against attacks from the outside through the network. In order to protect the server device connected to the corporate network from external threats, a network configuration may be adopted in which a proxy server device is installed and incoming access from outside the corporate network is accepted through the proxy server device. (For example, refer to Patent Document 1).
JP 2003-186664 A

  However, even if the conventional proxy server device including the proxy server device according to Patent Document 1 is installed, the files stored in the network multifunction peripheral are often stored in-house, If all the files stored in the network MFP are disclosed outside the company, confidential company information may be leaked outside.

  When a sales employee or a business trip employee can access a file in the network MFP from a remote location by remote access or the like, it is convenient if a mobile terminal device such as a mobile phone can be used as a communication device for access. However, since the browser of the mobile terminal device is functionally inferior to the browser of the desktop PC, there is a problem that the file in the network multifunction peripheral cannot be displayed on the display device of the mobile terminal device.

  The present invention has been made in view of the above-described problems, and discloses only files and folders stored in devices connected to an in-house network that can be disclosed to the outside. More preferably, it is an object of the present invention to provide a proxy server device that can access a device of an in-house network from outside the company using a mobile terminal device such as a mobile phone.

  In order to achieve the above object, the proxy server device according to claim 1 is registered with registration means for registering file conditions permitting access and location information of devices or folders in the LAN permitting access. A file extraction unit that extracts a file that matches the registered file condition from the files stored in the location information device or folder, and a WEB that describes a URL for accessing the file extracted by the unit And transmitting means for generating a page and transmitting it to a request source outside the LAN that requests access to a file in the LAN.

  The proxy server device according to claim 2 is the proxy server device according to claim 1, wherein a client software detection unit that detects a type of client software that is a request source of the access, and a WEB page that is transmitted by the transmission unit And a means suitable for the client software detected by the client software detection means.

  The proxy server device according to claim 3 is the proxy server device according to claim 1 or 2, wherein the condition of the file registered by the registration unit is a character string included in the file, and the extraction unit includes: A file including the registered character string is extracted.

  According to the proxy server device of the first aspect, by registering a device or folder in which a file to be disclosed outside the LAN is stored, only files and folders that can be disclosed are disclosed outside the LAN. Can do. Also, by setting the file conditions, it is possible to further narrow down the files to be disclosed outside the LAN from among the files stored in the device or folder.

  According to the proxy server device of the second aspect, a mobile terminal or the like can be used when a sales employee or a business traveler remotely accesses an object in the company network from outside the company.

  According to the proxy server device of the third aspect, since the files to be disclosed can be narrowed down by the character string included in the file, the user selects the contents etc. based on the contents of the files and publishes them outside the LAN. Can be set.

  The proxy server device according to the embodiment of the present invention will be described below. FIG. 1 shows a configuration example of a LAN 2 to which a proxy server device 1 according to an embodiment of the present invention is connected. In addition to the proxy server device 1, a router device 3, a network multifunction device 4, a file server device 5, a PC (personal computer) 6 and the like are connected to the LAN 2. The proxy server device 1 is directly connected to the router 6 so that all data entering the LAN 2 from outside the LAN 2 (Internet) through the router 3 can be monitored.

  As shown in FIG. 2, the proxy server device 1 includes a control unit 7, a communication unit 8, a file format conversion unit 9, a cache memory 10, a display unit 11, an operation unit 12, an auxiliary storage device 13, and the like. The control unit 7 includes a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), etc. (not shown), and in accordance with a command issued by the CPU based on a control program stored in the ROM. The operation of each part constituting the proxy server device 1 is controlled. The communication unit 8 includes a NIC (network interface card) and communicates with the devices 4 to 6 and the router 3 connected in the LAN 2.

  The file format conversion unit 9 converts a file acquired from a shared folder of the network MFP 4 in the LAN 2 or a device such as the file server device 5 or the PC 6 into a format suitable for various browsers based on a table 15 described later. It is. For example, when the acquired file is an HTML file, the image icon of the HTML file is converted so that it can be displayed on a mobile phone browser, converted into a CHHTML (Compact HTML) file, or displayed on a PDA browser. Is converted to an HTML file in which the display of is omitted. In addition to browser-compatible files, other formats are also converted.

  The cache memory 10 temporarily stores files acquired by accessing the shared folder of the network multifunction peripheral 4 in the LAN 2 or the file server device 5 in response to a request from outside the LAN 2. Further, a URL list described later is temporarily stored. When there is a request for an object specifying a URL from a client device outside the LAN 2, and the URL matches the URL of a file stored in the cache memory 10, the access operation to the devices 4 to 6 in the LAN 2 is omitted. Then, the file stored in the cache memory 10 is transmitted to the request source. This enables a quick response to the request source.

  The display unit 11 is composed of, for example, an LCD (Liquid Crystal Display), and displays information held by the proxy server device 1, such as registration information and device setting information. The operation unit 12 includes an input device such as a keyboard and a mouse. The auxiliary storage device 13 is composed of a hard disk device or the like. The auxiliary storage device 13 stores an access information log file 13a, which will be described later, and the like.

  The network multifunction device 4 is a multifunction device having various functions such as a shared folder function, a scan function, a WEB server function, and a facsimile communication function. The shared folder contains document image files and files created by application software. Examples of files created by application software include image files of various originals, PDF (Portable Document Format) files, files created by spreadsheet software, files created by word processing software, and the like. The shared folder has a hierarchical structure, and each folder can accommodate a file and a folder in a lower hierarchy. The same applies to the folder of the device described later.

  The file server device 5 is a file server dedicated device and accommodates hierarchical folders and files. The PC 6 also contains shared folders and files.

  The proxy server device 1 stores in the RAM the file conditions that permit access from outside the LAN 2 and the location information of devices and folders in the LAN 2 that allow access from outside the LAN 2. The information is registered by a predetermined operation of the operation unit 12 by the operator. The proxy server device 1 stores, for example, a character string that should be included in the file as a condition for a file that is permitted to be accessed from outside the LAN 2, and processes a file that includes the character string as being matched with the condition. Here, the character string is not limited to kanji or hiragana, but may be alphabetic characters, katakana, numbers, symbols, or the like. The location information is information such as an IP address and a path necessary for the proxy server device 1 to specify the location of a resource such as a file, folder, or device.

  FIG. 3 shows an example of a character string registered as a file condition for permitting access from outside the LAN 2. The registered character strings are stored in the file condition management table T1 shown in the figure, and each character string is registered in association with a portion to be described in the file. As a portion to be described, for example, a file name, a file body, a file name extension, and the like can be registered. Of course, you may enable it to register the location in a file other than these. When the character string specified in the file condition management table T1 is described in the location specified in the table T1, the proxy server device 1 matches the acquired file with the condition. It is determined that the file is to be processed.

  FIG. 4 shows an example of information registered as location information of a device or folder in the LAN 2 that permits access from outside the LAN 2. The registered location information of the device or folder in the LAN 2 is stored in the illustrated file path management table T2. In the table T2, location information such as an IP address and a path necessary for accessing a device or folder in the LAN 2 that permits access is stored. The position information of the device containing the file and the position information of the folder are not limited to the format shown in the figure as long as the location of the file can be specified.

  As illustrated in FIG. 5, the proxy server device 1 also includes types of access request source browsers and terminal devices and formats suitable for these browsers and terminal devices (that is, suitable for the client software of the access request source). The format correspondence table 15 for storing the file format in association with each other is stored in the RAM. When the proxy server device 1 receives a request for access to a file in the LAN 2 from outside the LAN 2, for example, based on information received together with the access request, the proxy server device 1 determines the type of browser or terminal device that is the access request source. When the file is transmitted to the access request source, the file is converted into a file format associated with the type of browser or terminal device that is the access request source with reference to the format correspondence table 15.

  The format correspondence table 15 illustrated in FIG. 5 associates the access request source browser and terminal device type (illustrated “browser / terminal type”) with various format conversion methods (first to third conversion methods illustrated). I remember it. The contents of the format correspondence table 15 can be registered by operating the operation unit 12 by the operator. The first conversion method is referred to when the proxy server device 1 is requested to access from outside the LAN 2 as an HTML file. In the illustrated registration example, information “HTML to CHTML” designating conversion from an HTML file to a CHTML (Compact HTML) file is registered in association with “browser for mobile phone”. In association with the “PDA browser”, information “HTML to HTML / no image icon” is registered that specifies conversion from an HTML file to a format in which the link setting from the HTML file to the image icon is canceled. Information “default” designating that format conversion is not performed is registered in association with information “other” designating the type of browser and terminal device other than the above.

  The second conversion method is referred to when the proxy server device 1 is requested to access from outside the LAN 2 and is a file created by predetermined word processing software. In the specific example shown in the figure, information “word processor format A to word processor format a” that specifies conversion from a file format created by a predetermined word processor software to another word processor software format in association with “browser for mobile phone”. "Is registered. Similarly, “word processor format A to word processor format b” is also registered in “PDA browser”. In addition, information “default” specifying that format conversion is not performed is registered in association with information “others” specifying the type of browser and terminal device other than the above. “Word processor format a” corresponds to word processor software that can be mounted on a mobile phone, and “word processor format b” corresponds to word processor software that can be mounted on a PDA.

  The third conversion method is referred to when the proxy server device 1 is requested to access from outside the LAN 2 and is a file created by predetermined spreadsheet software. In the specific example shown in the figure, information “spreadsheet format B to” that specifies conversion from a file format created by a predetermined spreadsheet software to a format for other spreadsheet software in association with “browser for mobile phone”. A spreadsheet format “a” is registered. Similarly, “Spreadsheet format B to Spreadsheet format b” is registered in association with “PDA browser”. In addition, information “default” specifying that format conversion is not performed is registered in association with information “others” specifying the type of browser and terminal device other than the above. “Spreadsheet format a” corresponds to spreadsheet software that can be mounted on a mobile phone, and “Spreadsheet format b” corresponds to spreadsheet software that can be mounted on a PDA.

  In the present embodiment, the file to be converted is an HTML file, a file created by a predetermined word processing software, and a file created by a spreadsheet software, but the file format to be converted and the file after conversion The type of format, the number of registrations, etc. are not limited to the above.

  Next, processing operations executed when the proxy server device 1 having the above-described configuration and functions is requested to access an object in the LAN 2 from outside the LAN 2 will be described based on a flowchart shown in FIG.

  The control unit 7 of the proxy server device 1 repeatedly monitors whether or not a predetermined HTTP request (for example, GET) has been received from outside the LAN 2 through the communication unit 8 (S1). When a predetermined HTTP request is received as a request for access to a file in the LAN 2 from outside the LAN 2 (S1: YES), the received HTTP request is analyzed to detect a URL for which access is requested (S2). It is determined whether or not the detected URL corresponds to a predetermined URL, that is, an initial screen URL to be described later. If the detected URL does not correspond to the initial screen URL (S3: NO), access to the request source is denied. An HTTP response is returned (S4).

  In S3, when the detected URL corresponds to the URL of the initial screen (S3: YES), user authentication is requested to the request source. For example, user authentication is requested by transmitting an HTTP status code “401” to the request source. Subsequently, when the control unit 7 receives the user ID and password input at the request source, the control unit 7 compares the user ID and password information (not shown) registered in the proxy server device 1 in advance to perform authentication processing. . If the authentication fails (S5: NO), an HTTP response that denies access is returned to the request source (S4).

  If the authentication is successful (S5: YES), the type of browser implemented by the access request source and the model information of the terminal device are retrieved from the information included in the HTTP request received in S2, such as the User-Agent header. . When the type of browser implemented by the access request source and the model information of the terminal device can be acquired (S6: YES), it is determined whether or not the request source is the browser of the mobile phone terminal (S7), and the mobile phone terminal (S7: YES), the file conversion method is set to the conversion method associated with the “mobile phone browser” based on the format correspondence table 15 (S8). Note that the determination as to whether or not the mobile phone terminal is the mobile phone terminal in S7 is, for example, a list of browser and device types described in the User-Agent header when the access request source is a browser of the mobile phone terminal (for example, , Browser type, browser version, subscriber ID, terminal serial number, etc.) are registered in advance in the external storage device 13 of the proxy server 1 and the information actually detected from the User-Agent header is collated. Is done by doing. Further, as a method for determining whether or not the browser of the mobile phone terminal in S7, a correspondence table (not shown) of the user ID specified at the time of authentication and the type of browser and terminal device is stored in advance in the proxy server device 1 in advance. It may be registered in the device 13 or the like, and it may be determined whether or not the mobile phone terminal is in S7 according to information indicating the type of browser or terminal device associated with the user ID acquired in S5.

  If it is determined in S7 that the browser is not a mobile phone terminal (S7: NO), it is determined whether the access request source is a PDA browser (S9), and it is determined that the browser is a PDA browser (S9: YES), based on the format correspondence table 15, the file conversion method is set to the conversion method associated with the “PDA browser” (S10). Whether the browser is a PDA browser in S9, as described above, when the access request source is a PDA browser, a list of browser and device types described in the User-Agent header is also provided. (For example, browser type, browser version, subscriber ID, terminal serial number, etc.) are registered in advance in the external storage device 13 of the proxy server device 1 and the information actually detected from the User-Agent header. Is done by matching. Further, as a method for determining whether or not the browser is a PDA of S9, a correspondence table (not shown) of the user ID specified at the time of authentication and the type of browser or terminal device is previously stored in the external storage device 13 of the proxy server device 1. It may be determined whether the browser is a PDA browser in S9 according to information indicating the type of browser or terminal device associated with the user ID acquired in S5.

  On the other hand, if a negative determination is made in S6 or S9, based on the format correspondence table 15, the file conversion method is set to the conversion method associated with “others”, that is, “default” (S11). .

  Following the processing operation of S8, S10 or S11, the URL list of the format after conversion designated by the first conversion method set in S8, S10 or S11 in the cache memory 10 (details of the URL list will be described later). ) Is stored (S12). If stored (S12: YES), the URL list is transmitted to the request source of S1 (S13), and the process proceeds to S20. On the other hand, if the URL list is not stored in the cache memory 10 (S12: NO), the location information device and folder registered in the file path management table T2 are accessed to obtain file information ( S14). Then, a file matching the condition registered in the file condition management table T1 is extracted from the acquired file information (S15). For example, in the proxy server device 1, when the file condition management table T1 as shown in FIG. 3 and the file path management table T2 as shown in FIG. 4 are formed, the proxy server device 1 uses the file path management table. Access the device in LAN 2 to which the IP address “192.168.1.1” registered in T2 is assigned, and obtain information on all the files accommodated by the device. If there is a file that matches the file condition registered in the file condition management table T1, it is extracted. In other words, if there is a file in which the information “estimate” registered as “character string to be included in the file” is included in “file name” which is “the place where the character string should be described”, The file is extracted as a file that matches the conditions. In addition, if there is a file in which the information “specifications” registered as “character string to be included in the file” is included in the “file body” that is “the location where the character string should be described” The file is extracted as a file that matches the conditions. In addition, there is a file in which the information “XLS” registered as “character string to be included in the file” is included in “file name extension” that is “location where the character string should be described” Extracts the file as a file that matches the conditions. The proxy server device 1 also searches for devices and folders in other location information registered in the file path management table T2 whether there is a file that matches the conditions registered in the file condition management table T1, If a file that matches the conditions exists, it is extracted.

  Next, a WEB page (hereinafter referred to as “URL list”) in which a URL (Uniform Resource Locators) for accessing the file extracted in S15 and a folder in the same hierarchy as the file is described is generated. The format of the WEB page to be generated follows the format after conversion specified by the conversion method set in S8, S10 or S11 (S16). Here, the URL described in the URL list is a URL that permits access to an access request source outside the LAN 2.

  For example, a URL list W1 as illustrated in FIG. 7 is generated and transmitted to the request source of S1 as an initial screen for accessing an object in LAN2 from outside LAN2 (S17). Then, the URL for the initial screen is assigned to the transmitted URL list W1 and temporarily stored in the cache memory 10 (S18). The correspondence between the URL described in the URL list and the location information of the resource in the LAN 2 to which the URL is assigned (the file extracted in S15 and the folder at the same level as the file) is stored in the auxiliary storage device 13, for example. Store (S19). In the URL list W1 shown in FIG. 7, the folder name and the file name are displayed by the browser, and URLs corresponding to the folder name and the file name are set as hyperlinks, and the URL itself is not displayed. However, a URL list that directly displays URLs may be used.

  Next, when an HTTP request is received from the same request source as the access request source in S1 (S20: YES), the received HTTP request is analyzed to detect a URL for which access is requested (S21).

  Reissue URL list to which the URL detected in S21 is assigned (details of the reissue URL list will be described later) or file, and a format after conversion designated by the conversion method set in S8, S10 or S11 Is stored in the cache memory 10 (S22), and if it is stored (S22: YES), the reissue URL list or file is transmitted to the request source of S1. Access information is recorded in the log file 13a (S23). Thereafter, the process returns to S20.

  On the other hand, when the reissue URL list and file to which the URL detected in S21 is assigned are not stored in the cache memory 10 (S22: NO), the URL stored in the auxiliary storage device 13 and the LAN 2 The file or folder in the LAN 2 to which the URL is assigned is accessed by referring to the correspondence relationship of the location information of the file or folder. If the access target to which the URL is assigned is a folder (S24: YES), information on the file accommodated in the folder is acquired (S25). Then, a file matching the conditions registered in the file condition management table T1 is extracted from the acquired file information (S26), and the extracted file and a folder accommodated in the same hierarchy as the file are accessed. A WEB page (hereinafter referred to as “reissue URL list”) in which URLs (Uniform Resource Locators) are described is generated. Here, the URL described in the reissue URL list is a URL that permits access to an access request source outside the LAN 2. The format of the WEB page to be generated follows the format after conversion of the first conversion method set in S8, S10 or S11. Then, for example, a reissue URL list W2 as shown in FIG. 7 is generated and transmitted to the request source of S1 (S27), and a URL is assigned to the transmitted reissue URL list W2 and temporarily stored in the cache memory 10. (S28). Then, the correspondence relationship between the URL described in the reissue URL list and the positional information of the resources in the LAN 2 to which the URL is assigned (the file extracted in S26 and the folder in the same hierarchy as the file) is, for example, the auxiliary storage device 13 (S29). In the reissue URL list W2 shown in FIG. 7, the folder name and the file name are displayed by the browser, and the URL corresponding to the folder name and the file name is set as a hyperlink, and the URL itself is displayed. Although not intended, a URL list that directly displays URLs may be applied.

  On the other hand, when the access target to which the URL detected in S21 is assigned is a file (S24: NO), the file is acquired and the format conversion is performed according to the file conversion method set in S8, S10 or S11. (However, if the file conversion method is “default”, the conversion is not performed.) The data is transmitted to the request source of S1 (S30), and the file and the URL of the file are temporarily stored in the cache memory 10. (S31). Thereafter, the access information is recorded in the log file 13a (S32), and the process returns to S20.

  When there is no access request in S20 and a logout operation is performed at the access request source in S1 and information to be logged out is received from the request source (S33: YES), logout processing is performed to release the session, and The settings of S8, S10, and S11 are canceled (S34). If a negative determination is made in S33, the process returns to S20.

  Next, a modification of the proxy server device according to the embodiment described above will be described. The proxy server device according to the modified example stores the file condition management table T1 and the file path management table T2 for each browser type and terminal device model information implemented by a request source requesting access to the LAN 2. Specifically, as shown in FIG. 8, in the table T3, the correspondence between the browser type and terminal device model information, the file condition management table, and the file path management table is stored. At the same time, as shown in the flowchart of FIG. 9, after the process of S8, S10, and S11 (or before the process of S8, S10, and S11), the table T3 is referred to and the process is performed in S6. The file condition management table and the file path management table corresponding to the browser type and terminal device model information implemented by the acquired access request source are set as tables to be applied (S101). Then, when referring to the file condition management table and the file path management table (S14, S15, S25, S26, etc.), the file condition management table and the file path management table set in S101 are referred to.

  In the proxy server device 1 described above, the proxy server device 1 has an encryption function, encrypts data to be transmitted to and received from the access request source, and communicates with the access request source through the encrypted communication path. You may make it perform communication between. Thereby, communication safety can be further ensured.

  If the proxy server device 1 is installed in the LAN 2 to secure security against unauthorized attacks from outside the LAN 2, a secure communication protocol is implemented in the proxy server device 1 or an authentication mechanism such as a password is provided. You just have to have it. As a result, it is not necessary for each terminal device in the LAN 2 to have a security mechanism or an authentication mechanism, and the security monitoring or management burden is reduced.

  According to the proxy server apparatus 1 demonstrated above, the following advantages are acquired. In other words, by registering only the URLs of files and folders in the devices in the LAN 2 that can be disclosed outside the company network, only the files and folders can be disclosed to the outside. Of course, the client PC 6 or the like in the LAN 2 can access all files and folders as usual unless there is a restriction on the access right in the operation of the LAN 2. Further, the proxy server device 1 can detect the type of the terminal device that requests access to the file in the LAN 2 from outside the LAN 2 and the type of the browser, and can provide the file in a format suitable for this, for example, In addition, a mobile terminal or the like can be used when a sales employee or a business traveler remotely accesses a file in the company network from outside the company.

  In addition, once generated, the URL list, reissue URL list, file, etc. provided to the access request source are temporarily stored in the cache memory 10 and reused. If so, a quick response is possible. There is also an advantage that the control load of the control unit can be reduced when there are a large number of access requests from the outside at the same time. In addition, since the URL list, reissue URL list, file, etc. stored in the cache memory 10 are deleted after a predetermined time, the contents of the provided URL list, file, folder are updated appropriately. At the same time, a quick response to an external access request can be ensured.

  Further, if there are many files in the LAN 2 that are open to the outside, it becomes difficult to find the target file when accessed from outside the LAN 2, but according to the proxy server device 1, the URL list and the reissue URL list are displayed. Since a hierarchical structure such as a folder is set as link information, the user can easily find a target file even if there are many files.

  In general, setting the firewall 2 in the router 3 as to whether or not to open the file in the LAN 2 to the outside makes the setting operation complicated, but the proxy server device 1 according to the present embodiment is connected to the router 3 and the LAN 2. By placing the firewall in between, it is only necessary to set the firewall for the proxy server apparatus 1, so that the firewall setting operation is simplified, and troubles due to setting mistakes can be reduced.

  The present invention can be applied to, for example, a proxy server device that accepts access from outside the LAN on behalf of a device in the LAN.

It is the figure which showed the structural example etc. of LAN with which the proxy server apparatus which concerns on embodiment of this invention is connected. It is the block diagram which showed the structural example etc. of the proxy server apparatus concerning embodiment of this invention. It is the figure which showed an example of the file condition management table. It is the figure which showed an example of the file path management table. It is a figure showing an example of a format correspondence table. It is the flowchart which showed the processing operation performed when a proxy server apparatus receives the access request to the file in LAN from the outside of LAN. It is the figure which showed the example of a display by the browser of the WEB page (URL list, reissue URL list) which described URL for accessing a file. It is a table that stores the correspondence between browser types and terminal device model information, file condition management tables, and file path management tables implemented by requesters that request access to files in the LAN. 10 is a flowchart showing a modification of the processing operation executed when the proxy server apparatus receives a request for access to a file in the LAN from outside the LAN.

Explanation of symbols

T1 file condition management table T2 file path management table W1 URL list (WEB page describing URL for accessing file)
W2 reissue URL list (WEB page describing URL to access file)
1 Proxy server device 2 LAN
4 Network multifunction device 5 File server device 6 PC
7 Control unit 9 File format conversion unit 13 Auxiliary storage device 15 Format correspondence table

Claims (3)

  Registered from the file stored in the registered device or folder of the registered location information and the registration means for registering the condition of the file permitting access and the location information of the device or folder in the LAN permitting access A LAN that requests file access in the LAN by generating a file extraction unit that extracts a file that matches the file conditions and a URL for accessing the file extracted by the unit. A proxy server apparatus comprising: a transmission unit configured to transmit to an external request source.   Client software detection means for detecting the type of client software requesting access, and a WEB page transmitted by the transmission means in a format suitable for the client software detected by the client software detection means The proxy server apparatus according to claim 1, further comprising means for providing the proxy server.   The condition of the file registered by the registration unit is a character string included in the file, and the extraction unit extracts a file including the registered character string. The proxy server device described in 1.

Images