JP5286232B2 - Image forming system and user manager server device - Google Patents

Description

  The present invention relates to an image forming system and a user manager server device.

  In recent years, directory services such as an active directory and an e directory have been introduced to manage users and devices in a network system. Some image forming apparatuses such as printers, copiers, and multifunction machines have a network function, and currently users and groups (departments) can be managed using such a directory service. When performing user management with a directory service, user authentication of a user who has performed a login operation on an image forming apparatus is usually performed by a server apparatus of the directory service.

  On the other hand, in the image forming apparatus, an authorization process may be performed in which only a function permitted to the login user among various functions can be used. Normally, in the authorization process, for each user, authorization information that designates a function that is permitted to be used (or a function that is prohibited to be used) is preset in the image forming apparatus, and is used by the login user in accordance with the authorization information. Function to be limited. In addition, there is also a system that provides the login user authorization information to the image forming apparatus using an intermediate server device having authorization information for each user (see, for example, Patent Document 1).

  Another technique for a network system including an image forming apparatus is private printing (see, for example, Patent Document 2). In private printing, for example, when the image forming apparatus receives print data from the host terminal device, the print job based on the print data is not executed, and the print job is executed when a predetermined user operation is performed on the image forming apparatus. To do. That is, in private printing, printing is performed by a user directly operating the image forming apparatus on the spot, and a printed matter is output. For this reason, it is not necessary for others to see the printed matter.

JP 2008-140067 A JP 2005-335281 A

  In the above-described system, the image forming apparatus inquires the intermediate server apparatus for authorization information regarding the user who executes the job. For this reason, the function use restriction process based on the authorization information is performed in the image forming apparatus. When performing private printing or the like in the above-described system, the image forming apparatus receives print data when starting a print job. Therefore, whether or not the print data conforms to the authorization information when starting the print job. It is necessary to judge. The processing performance of image forming devices is relatively low compared to host terminal devices and server devices. Therefore, especially when performing private printing, when starting a print job, processing such as print processing and authorization information conformity determination overlap. As a result, a heavy load is applied to the image forming apparatus.

  The present invention has been made in view of the above-described problem, and an image forming system and a user manager that can reduce the load on the image forming apparatus at the start of a job due to the determination of suitability of authorization information in private printing or the like The object is to obtain a server device.

  In order to solve the above problems, the present invention is configured as follows.

An image forming system according to the present invention includes a host terminal device that outputs job data to a network, a spooler that holds job data output from the host terminal device to the network, job data received from the spooler, and received job data An image forming apparatus that executes a job based on the network, a user manager server apparatus that is connected to a network and that provides authorization information for identifying a function permitted to be used in the image forming apparatus to a group or a user, and a directory service And a directory server device having registration information of domain groups and domain users . The user manager server apparatus has local user registration information separately from the domain user, and registration information of the local group including the domain user and / or the local user, and the domain group, the local group, the domain user, And authorization policy that can be set separately for local users, and based on the authorization policy, the authorization information applied to the user logged in to the host terminal device is identified, and the identified authorization information is the host terminal The host terminal device acquires authorization information, generates only job data that conforms to the acquired authorization information, transmits the generated job data to the spooler, and the spooler sends job data from the host terminal device. When received, the received job data identification information is stored in the user money. To send to the Yasaba apparatus. After the user logs in to the image forming apparatus, the image forming apparatus transmits a job data transmission request to the user manager server apparatus. When the user manager server apparatus receives the job data transmission request, the image forming apparatus is designated by the job data transmission request. The user's job data is transmitted from the spooler to the image forming apparatus.

  As a result, job data that conforms to the authorization information is generated in advance, so that it is not necessary for the image forming apparatus to determine conformity of the authorization information. For this reason, in private printing or the like, it is possible to reduce the load on the image forming apparatus at the start of the job due to the approval information conformance determination.

The user manager server device according to the present invention includes a network interface connected to the network, a local user registration information separately from the domain user of the directory service provided by the directory server device, and a domain user and / or a local user. A storage device that stores registration information of a local group that is stored, and stores an authorization policy that can be set separately for the domain group, local group, domain user, and local user of the directory service, and based on the authorization policy, identify the authorization information that applies to the user logged in the host terminal, the identified authorization information, the authorization processing unit to be transmitted to the host terminal using the network interface, network Using the interface, receiving job data identification information from a spooler that holds job data output from the host terminal device to the network, and receiving a job data transmission request sent after the user logs into the image forming device And a data delivery control unit for transmitting the job data of the user designated by the job data transmission request from the spooler to the image forming apparatus.

  As a result, job data that conforms to the authorization information is generated in advance, so that it is not necessary for the image forming apparatus to determine conformity of the authorization information. For this reason, in private printing or the like, it is possible to reduce the load on the image forming apparatus at the start of the job due to the approval information conformance determination.

  In addition to the above user manager server device, the user manager server device according to the present invention may be as follows. In this case, the data delivery control unit notifies the spooler of the network identification information of the image forming apparatus that has transmitted the job data transmission request.

  Thereby, even if there are a plurality of image forming apparatuses on the network, the job data is transmitted to the image forming apparatus operated by the user.

  The user manager server device according to the present invention may be configured as follows in addition to any of the user manager server devices described above. In this case, the data delivery control unit generates a job list corresponding to the job data held in the spooler based on the identification information of the job data, and the job data specified by the job data transmission request is included in the job list. The image data is transmitted from the spooler to the image forming apparatus.

  Thereby, the user can select a job to be executed from the job list.

  The user manager server device according to the present invention may be configured as follows in addition to any of the user manager server devices described above. In this case, the job list includes only job data for users who are logged in to the image forming apparatus.

  As a result, the jobs of other users are not included in the job list, so that it is possible to prevent other users' jobs from being erroneously executed.

  According to the present invention, in private printing or the like, it is possible to reduce the load on the image forming apparatus at the start of a job due to the determination of compliance of the authorization information.

FIG. 1 is a block diagram showing a configuration of an image forming system according to an embodiment of the present invention. FIG. 2 is a block diagram showing the configuration of the multifunction machine in FIG. FIG. 3 is a block diagram showing a configuration of the user manager server apparatus in FIG. FIG. 4 is a diagram showing a configuration example of the authorization policy data in FIG. FIG. 5 is a block diagram showing the configuration of the directory server device in FIG. FIG. 6 is a block diagram showing a configuration of the host terminal apparatus in FIG. FIG. 7 is a block diagram showing the configuration of the spooler in FIG. FIG. 8 is a sequence diagram for explaining the operation of each device when the user logs in to the multifunction machine in the system shown in FIG. FIG. 9 is a sequence diagram illustrating processing for causing the multifunction peripheral to execute a job from the host terminal device without using a spooler in the system illustrated in FIG. FIG. 10 is a sequence diagram for explaining a private printing process using a spooler in the system shown in FIG.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

Embodiment 1 FIG.

  FIG. 1 is a block diagram showing a configuration of an image forming system according to an embodiment of the present invention. In the system shown in FIG. 1, a plurality of multifunction peripherals 1A and 1B are connected to a network 2, and a user manager server device 3, a directory server device 4, a host terminal device 5, and a spooler 6 are connected to the network 2. Has been.

  The multifunction machine 1A has a printer function, a scanner function, a copy function, a facsimile function, and the like, and performs various jobs with the above-described functions in accordance with commands from the operation panel on the multifunction machine 1A, the host terminal device 5 connected to the network 2, and the like. An image forming apparatus to be executed. The multifunction machine 1A has a private printing function described later. In the private printing of this embodiment, the multifunction device 1A transmits a job data delivery request to the user manager server device 3 when a predetermined user operation is performed on the multifunction device 1A, and the user manager server device 3 causes the print data (job data) to be transmitted from the spooler 6 to the multifunction peripheral 1A. The multifunction machine 1B is a similar device.

  The user manager server device 3 is a server device that accepts user authentication requests from the multifunction peripherals 1A and 1B and provides authorization information for users logged in to the multifunction peripherals 1A and 1B. The directory server device 4 is a server device that provides directory services such as an active directory and an e directory.

  FIG. 2 is a block diagram showing a configuration of the multifunction machine 1A in FIG. The multifunction machine 1B has a similar configuration. The multi-function device 1A includes an operation panel 21, a modem 22, a network interface 23, a printer 24, a scanner 25, and a control device 26.

  The operation panel 21 is installed in the housing of the multifunction machine 1A, and includes a display device 21a that displays various types of information to the user and an input device 21b that receives user operations. The display device 21a is, for example, a liquid crystal display or various indicators. The input device 21b is, for example, a touch panel or a key switch.

  The modem 22 can be connected to a subscriber telephone network such as a public switched telephone network (PSTN), and is a communication device that transmits and receives facsimile data.

  The network interface 23 can be connected to a wired or wireless computer network 2 and performs data communication with other devices (such as the server device 3 and the host terminal device 5) connected to the network 2. It is.

  The printer 24 is an internal device that prints on a sheet according to a print request and discharges the printed matter. In the case of the electrophotographic method, after charging the photosensitive drum, the printer 24 emits a light source based on the print data to form an electrostatic latent image on the surface of the photosensitive drum, and this electrostatic latent image is Development is performed with toner, the toner image is transferred and fixed on a sheet, and the sheet is discharged as a printed matter.

  The scanner 25 irradiates light on one or both sides of a document fed by an automatic document feeder or a document placed by a user and receives reflected light or the like to read an image of the document. It is an internal device that outputs as image data.

  The control device 26 is a device that controls each unit in the multifunction peripheral 1A and performs data processing. The control device 26 is configured as a computer having, for example, a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), and the like. In the control device 26, the CPU implements various processing units by loading a program stored in the ROM or other storage device (flash memory or the like) into the RAM and executing it. In the control device 26, a FAX communication unit 31, a network communication unit 32, a control unit 33, and a determination unit 34 are realized.

  The FAX communication unit 31 is a processing unit that controls the modem 22 and receives facsimile data. When receiving the facsimile data, the FAX communication unit 31 supplies a print request to the print control unit 34.

  The network communication unit 32 is a processing unit that controls the network interface 23 and performs data communication with devices on the network 2 using various communication protocols. For example, the network communication unit 32 transmits the user name (user ID) and password input to the operation panel 21 at the time of user login to the user manager server device 3 and receives the login user authorization information from the user manager server device 3. . For example, when the network communication unit 32 receives print data (such as PDL (Page Description Language) data), the network communication unit 32 supplies the print data to the control unit 33.

  The control unit 33 receives a job request by a user operation on the operation panel 21, or a job execution command received directly from the host terminal device 5 by the network interface 23 and the network communication unit 32 or indirectly through the spooler 6. A processing unit that receives job data, controls each unit in the multifunction peripheral 1A, and executes a job corresponding to the job request. The job execution command includes a print request, a scan request, a facsimile transmission request, and the like. When there is a login operation on the operation panel 21, the control unit 33 uses the network communication unit 32 to request user authentication, authorization information, and the like from the user manager server device 3.

  When the control unit 33 detects a private print operation by the user on the operation panel 21 after the user logs in to the multifunction peripheral 1A (that is, after successful user authentication), the control unit 33 and the network communication unit 32, a job data transmission request is transmitted to the user manager server apparatus 3, and then the requested job data is received from the spooler 6.

  Further, when the control unit 33 receives a job ticket together with a job execution command from the host terminal device 5, the control unit 33 determines whether or not the job ticket is valid, and only when the job ticket is valid, the job execution The job (printing, scanning, facsimile transmission, etc.) designated by the command is executed. The job ticket is data indicating permission of job execution in the multifunction peripherals 1A and 1B (described later). For example, the control unit 33 receives the user name (user ID) together with the job execution command, transmits the user name (user ID) and the job ticket to the user manager server device 3, and sends the user manager server device 3 with the user name (user ID). Whether or not the job ticket has been issued for the user name is verified, the verification result is received from the user manager server device 3, and whether or not the job ticket is valid based on the verification result You may make it determine. Further, the control unit 33 receives the user name (user ID) together with the job execution command, performs a predetermined calculation, and determines whether or not the job ticket has been issued to the user with the user name (user ID). You may make it determine. For example, when the job ticket is a value of a predetermined function (hash function, cryptographic function, etc.) with the user name (user ID) as a variable, the value of the same function obtained from the received user name (user ID) is If it matches the received job ticket, it may be determined that the job ticket has been issued to the user with the user name (user ID).

  Based on the authorization information about the login user received from the user manager server device 3 by the network interface 23 and the network communication unit 32, the determination unit 34 uses the login user among the functions of the MFP 1A. It is a processing unit that specifies a function to be prohibited (or a function to be permitted) and stores data indicating whether or not to permit use of each function on, for example, a RAM. The control unit 33 refers to the data and restricts the use of the MFP 1A by the login user. For example, when the use of the color copy function is restricted for the logged-in user, a copy function menu is displayed on the operation panel 21 so that the color copy cannot be selected (for example, selecting a color from monochrome / color). Button is grayed out).

  In this way, the multifunction peripherals 1A and 1B are configured.

  FIG. 3 is a block diagram showing the configuration of the user manager server device 3 in FIG. The user manager server device 3 includes a storage device 41, a network interface 42, and an arithmetic processing device 43.

  The storage device 41 is a device that stores programs and data. As the storage device 41, a nonvolatile semiconductor memory, a hard disk drive, or the like is used. The storage device 41 stores authorization policy data 51, local user data 52, and local group data 53.

  The authorization policy data 51 is data including authorization information used for specifying a function that is permitted to be used by the login user of the multifunction peripheral 1A, 1B. The authorization policy data 51 can include authorization information for users and authorization information for groups. Authorization information for a user is authorization information applied to the user, and authorization information for a group is authorization information applied to users belonging to the group. The authorization policy data 51 includes authorization information for a domain user registered in the directory server device 4 and authorization information for a local user registered in the user manager server device 3 as authorization information for the user. And can be included. The authorization policy data 51 includes authorization information for a domain group registered in the directory server device 4 and authorization information for a local group registered in the user manager server device 3 as authorization information for the group. And can be included. The authorization information for a user includes a user ID and information on a function that is permitted (or prohibited) for the user (for example, a function ID). The authorization information for a group includes a group ID and information on a function that is permitted (or prohibited) for a user belonging to the group (for example, a function ID). For example, functions permitted (or prohibited) to be used include large items such as printing, scanning, copying, and facsimile transmission, and small items (for example, a color / monochrome selection function) associated with each large item.

  FIG. 4 is a diagram showing a configuration example of the authorization policy data 51 in FIG.

  In the authorization policy data 51 shown in FIG. 4, the domain group A includes domain users A, B, C, and D, and the local group A includes local users A and B and domain users B and D. An authorization policy # 1 (policy data including authorization information) is set for the domain group A, an authorization policy # 2 is set for the domain user A belonging to the domain group A, and an authorization policy # for the local group A 3 is set, the authorization policy # 4 is set for the local user A belonging to the local group A, the authorization policy # 5 is set for the domain user B belonging to the domain group A, and the authorization for the domain user E is set. Policy # 6 is set, and authorization policy # 7 is set for local user C.

  The local user data 52 is data including registration information (user ID and password) of the local user. The local user is a user registered in the user manager device 3 separately from the domain user registered in the directory server device 4.

  The local group data 53 is data including registration information (group ID and user ID of a user belonging to the group) of the local group. The local group is a group registered in the user manager device 3 separately from the domain user registered in the directory server device 4. Local groups can include local users and domain users. That is, a local group consisting only of local users, a local group consisting only of domain users, and a local group consisting of local users and domain users can be set.

  The network interface 42 can be connected to a wired or wireless computer network 2 and performs data communication with other devices (such as the multifunction devices 1A and 1B and the server device 4) connected to the network 2. Device.

  The arithmetic processing unit 43 is configured as a computer having a CPU, a ROM, a RAM, and the like, and loads various programs stored in the ROM or the storage device 41 into the RAM and executes them by the CPU, thereby realizing various processing units. . In the arithmetic processing device 43, a network communication unit 61, a user authentication processing unit 62, an authorization processing unit 63, a ticket issue processing unit 64, and a data delivery control unit 65 are realized.

  The network communication unit 61 is a processing unit that controls the network interface 42 and performs data communication with devices on the network 2 using various communication protocols. For example, the network communication unit 61 receives a user name (user ID) and a password from the multifunction device 1A, and transmits authorization information about the user to the multifunction device 1A. For example, the network communication unit 61 transmits a user authentication request to the directory server device 4 and receives the authentication result and user information from the directory server device 4.

  The user authentication processing unit 62 is a processing unit that uses the network interface 42 to authenticate the login users of the multifunction peripherals 1A and 1B with the directory server device 4.

  When the login user of the multifunction device 1A (or multifunction device 1B) who has succeeded in user authentication belongs to the local group, the authorization processing unit 63 extracts the authorization information for the local group from the authorization policy data 51 and logs in the login information. When the login user who has transmitted user authorization information to the MFP 1A (or MFP 1B) using the network interface 42 and succeeded in user authentication does not belong to the local group, the domain group to which the login user belongs or the Processing for extracting authorization information for a user (domain user or local user) from the authorization policy data 51 and transmitting it to the MFP 1A (or MFP 1B) using the network interface 42 as authorization information for the login user. In the department That. The authorization processing unit 63 is a processing unit that uses the network interface 42 to transmit authorization information about a user who has logged in at the host terminal device 5 to the host terminal device 5.

  For example, in the case of the authorization policy data 51 shown in FIG. 4, when the domain user A logs in to the multifunction device 1A, the authorization policy # 2 and the authorization policy # 1 are transmitted to the multifunction device 1A. When there are conflicting authorization settings in the user and group authorization policies (here, authorization policy # 2 and authorization policy # 1), the setting of a predetermined authorization policy of the group or user is applied. In this case, when the domain user B logs in to the multifunction device 1A, the authorization policy # 5, the authorization policy # 3, and the authorization policy # 1 are transmitted to the multifunction device 1A. If there are conflicting authorization settings in the domain group and local group authorization policies (here, authorization policy # 1 and authorization policy # 3), the setting of the predetermined authorization policy of the domain group or local user is applied. Is done. In this case, when the domain user C logs in to the multifunction device 1A, the authorization policy # 1 is transmitted to the multifunction device 1A. In this case, when the domain user D logs in to the multifunction device 1A, the authorization policy # 1 and the authorization policy # 3 are transmitted to the multifunction device 1A. In this case, when the domain user E logs in to the multifunction device 1A, the authorization policy # 6 is transmitted to the multifunction device 1A. In this case, when the local user A logs in to the multifunction device 1A, the authorization policy # 4 and the authorization policy # 3 are transmitted to the multifunction device 1A. In this case, when the local user B logs in to the multifunction device 1A, the authorization policy # 3 is transmitted to the multifunction device 1A. In this case, when the local user C logs in to the multifunction device 1A, the authorization policy # 7 is transmitted to the multifunction device 1A.

  When there are a plurality of authorization policies to be applied to a certain login user, the authorization processing unit 63 generates a single authorization policy by combining the authorization policies in the server device 3 and transmits the generated authorization policy. You may make it do. In that case, any setting policy selected according to a predetermined rule is applied to setting items that compete with each other in a plurality of approval policies.

  The ticket issuance processing unit 64 generates a job ticket when receiving a job ticket issuance request from the host terminal device 5 operated by the logged-in user after the logged-in user of the host terminal device 5 succeeds in user authentication with the directory service. The processing unit transmits the job ticket and the authorization information applied to the login user to the host terminal device 5. Note that an issuance request from a user who has not been successfully authenticated by the directory service is rejected. Further, the authorization processing unit 63 may transmit the authorization information applied to the login user to the host terminal device 5 instead of the ticket issuing processing unit 64.

  For example, the ticket issue processing unit 64 generates a user-specific job ticket from the user name (user ID) using a predetermined function. Further, for example, the ticket issuance processing unit 64 generates a user-specific job ticket from the user name (user ID) and the one-time data (disposable information) using a predetermined function. For example, a hash function is used as the predetermined function. As the one-time data, information such as the serial number, the date / time when the issue request is received or when the job ticket is generated, which changes every time the job ticket is issued, is used.

  In the system in which the multifunction peripherals 1A and 1B inquire the user manager server device 3 about the validity of the job ticket, the ticket issue processing unit 64 sends the generated job ticket to the user name (user ID) of the issue destination of the job ticket. If the job ticket of the inquired user is stored in the storage device 41 when the inquiry is received, the verification result that the job ticket is valid is combined. In response to the machines 1A and 1B, the job ticket is deleted from the storage device 41 or invalidated. Thus, the user can use the job ticket issued to himself / herself only once for job execution in the multifunction peripherals 1A and 1B.

  The data delivery control unit 65 uses the network interface 42 and the network communication unit 61 to receive the identification information of the job data newly held in the spooler 6 from the spooler 6, and the user who issued the job data receives the job data from the MFP 1A. When a job data transmission request transmitted after logging in (or multifunction device 1B) is received, the job data of the user specified by the job data transmission request is transmitted from the spooler 6 to the multifunction device 1A (or multifunction device 1B). It is a processing part to be made.

  The data delivery control unit 65 notifies the spooler 6 of the network identification information of the multifunction device 1A (or the multifunction device 1B) that has transmitted the job data transmission request. The network identification information is the destination of job data. Further, the data delivery control unit 65 generates a job list corresponding to the job data held in the spooler 6 based on the identification information of the job data received from the spooler 6, and transmits job data in the job list. The job data specified by the request is transmitted from the spooler 6 to the multifunction device 1A (or the multifunction device 1B). This job list includes only job data for a user who has logged in to the multifunction device 1A (or multifunction device 1B).

  Thus, the user manager server device 3 is configured.

  FIG. 5 is a block diagram showing the configuration of the directory server device 4 in FIG. The directory server device 4 includes a storage device 71, a network interface 72, and an arithmetic processing device 73.

  The storage device 71 is a device that stores programs and data. As the storage device 71, a nonvolatile semiconductor memory, a hard disk drive, or the like is used. A directory service database 91 is constructed in the storage device 71, and the database 91 includes user data 91a and group data 91b. The user data 91a includes a user ID, a password, and user information (a telephone number, a facsimile number, an e-mail address, and other attribute information to be contacted). The group data 91b includes a group ID, a user ID list of users belonging to the group, and group information (contact information, responsible person, and other attribute information).

  The network interface 72 is a device that can be connected to a wired or wireless computer network 2 and performs data communication with other devices (such as the server device 3) connected to the network 2.

  The arithmetic processing unit 73 is configured as a computer having a CPU, a ROM, a RAM, and the like, and implements various processing units by loading a program stored in the ROM or the storage device 71 into the RAM and executing the program by the CPU. In this arithmetic processing unit 73, a network communication unit 81 and a directory service processing unit 82 are realized.

  The network communication unit 81 is a processing unit that controls the network interface 72 and performs data communication with devices on the network 2 using various communication protocols. For example, the network communication unit 81 receives a user authentication request and transmits the authentication result and user information.

  The directory service processing unit 82 is a processing unit that manages domain users and domain groups. The directory service processing unit 82 performs registration and deletion of domain users and domain groups, user authentication, provision of user information of domain users and group information of domain groups, and the like. For user authentication, LDAP (Lightweight Directory Access Protocol) authentication, Kerberos authentication, or the like is used. When the directory service is an active directory, the directory service processing unit 82 operates as a domain controller.

  Thus, the directory server device 4 is configured.

  FIG. 6 is a block diagram showing the configuration of the host terminal device 5 in FIG. The host terminal device 5 includes a storage device 101, a network interface 102, a display device 103, an input device 104, and an arithmetic processing device 105. The host terminal device 5 is a personal computer in which predetermined programs such as an operating system and a driver program are installed, for example.

  The storage device 101 is a device that stores programs and data. As the storage device 101, a nonvolatile semiconductor memory, a hard disk drive, or the like is used. The storage device 101 stores a driver program 101a.

  The network interface 102 can be connected to a wired or wireless computer network 2 and performs data communication with other devices (such as the multifunction devices 1A and 1B and the server devices 3 and 4) connected to the network 2. Device.

  The display device 103 is a device that displays various types of information to a user, such as a liquid crystal display. The input device 104 is a device such as a keyboard or a mouse that receives an operation and outputs an electrical signal corresponding to a user operation to the arithmetic processing device 105.

  The arithmetic processing unit 105 is configured as a computer having a CPU, a ROM, a RAM, and the like, and implements various processing units by loading a program stored in the ROM or the storage device 101 into the RAM and executing the program by the CPU. In the arithmetic processing unit 105, the network communication unit 111 and the login processing unit 112 are realized by an operating system such as Windows (registered trademark), and the driver 113 is realized by the driver program 101a. This operating system is capable of causing the host terminal device 5 to participate in a directory service by the directory server device 4.

  The network communication unit 111 is a processing unit that controls the network interface 102 and performs data communication with devices on the network 2 using various communication protocols.

  The login processing unit 112 is a processing unit that performs user authentication for the user to the host terminal device 5 by the directory server device 4 and permits operations after the login operation only to the administrator user who has succeeded in user authentication. At this time, when the operating system of the host terminal device 5 is activated, a login screen for prompting the user to input user authentication information (such as a password) is displayed on the display device 104. When the user authentication information is input to the input device 105, When the input user authentication information is specified, the user authentication request and the user authentication information are transmitted to the directory server device 4, and the user authentication result from the directory server device 4 indicates that the authentication is successful, the display screen is operated by the user. Transition to a possible screen (for example, a desktop screen, a screen with a command prompt, etc.) and enable operations after login operations (execution of applications, utilities, drivers, etc.), while user authentication from the directory server device 4 If the result indicates authentication failure, log in To continue the display of the screen, to prohibit the subsequent login operation operation.

  The driver 113 is a processing unit having a ticket processing unit 121 and a job processing unit 122. The ticket processing unit 121 obtains a job ticket and authorization information applied to the logged-in user from the user manager server device 3 after the logged-in user to the host terminal device 5 succeeds in user authentication with the directory service. Part. The job processing unit 122 generates only a job execution instruction and job data matching the authorization information acquired by the ticket processing unit 121, and the generated job execution instruction and job data together with the job ticket are combined with the multifunction device 1A (or the multifunction device 1B). To the spooler 6 via the network 2 and hold the job. Note that the job processing unit 122 transmits a user name (user ID) as necessary along with the job execution command. However, the job processing unit 122 does not transmit user authentication information (that is, confidential information such as a password necessary for login).

  In this way, the host terminal device 5 is configured.

  FIG. 7 is a block diagram showing the configuration of the spooler 6 in FIG. The spooler 6 is connected to the network 2 and is a device or processing unit that temporarily holds job data output from the host terminal device 5. In this embodiment, the spooler 6 is realized as one server device. However, the spooler 6 may be provided in the user manager server device 3, the multifunction device 1A (or the multifunction device 1B), the directory server device 4, and the like. (In that case, the network interface, the network communication unit, and the storage device may be shared with other functions). The spooler 6 illustrated in FIG. 7 includes a storage device 131, a network interface 132, and an arithmetic processing device 133.

  The storage device 131 is a device that stores programs and data. As the storage device 131, a nonvolatile semiconductor memory, a hard disk drive, or the like is used. Job data is temporarily stored in the storage device 131.

  The network interface 132 can be connected to a wired or wireless computer network 2, and data is exchanged with other devices (server device 3, host terminal device 5, multifunction device 1 </ b> A, 1 </ b> B, etc.) connected to the network 2. A device that performs communication.

  The arithmetic processing unit 133 is configured as a computer having a CPU, a ROM, a RAM, and the like, and implements various processing units by loading a program stored in the ROM or the storage device 131 into the RAM and executing the program by the CPU. In this arithmetic processing unit 133, a network communication unit 141 and a spool processing unit 142 are realized.

  The network communication unit 141 is a processing unit that controls the network interface 132 and performs data communication with devices on the network 2 using various communication protocols using various protocols.

  When the spool processing unit 142 receives job data from the host terminal device 5 via the network communication unit 141, the spool processing unit 142 transmits the received job data identification information to the user manager server device 3, and the user manager via the network communication unit 141. When the job data transmission request is received from the server device 3, the processing unit transmits the job data specified by the request to the image forming apparatus (multifunction device 1A, 1B, etc.) specified by the request. The job data identification information includes a job name (job type, etc.), user name, job ID, and spooler 6 network identification information (ID address, etc.). For example, the spool processing unit 142 transmits job data and the like to the image forming apparatus using IPP (Internet Printing Protocol).

  Thus, the spooler 6 is configured.

  Next, the operation of each device when the user logs in to the multifunction device 1A in the above system will be described. FIG. 8 is a sequence diagram for explaining the operation of each device when the user logs in to the multifunction peripheral 1A in the system shown in FIG. Each device operates in the same manner when a user logs in to the multifunction machine 1B.

  When the operation panel 21 of the multifunction peripheral 1A detects a user name (user ID) and password input operation by the user (step S1), the control unit 33 sends the user name and password to the network communication unit 32 and the network interface 23. Use to transmit to the user manager server device 3 (step S2).

  In the user manager server device 3, the user authentication processing unit 62 receives the user name and password using the network communication unit 61 and the network interface 42, and sends the user name, password, and authentication request to a predetermined protocol (LDAP LDAP). Etc.) to the directory server device 4 (step S3).

  In the directory server device 4, the directory service processing unit 82 uses the network communication unit 81 and the network interface 72 to receive the user name, password, and authentication request using a predetermined protocol, and refers to the directory database 91. It is determined whether or not the user name and password are those of a valid user (step S4).

  Then, the directory service processing unit 82 uses the network communication unit 81 and the network interface 72 to display the determination result (that is, the authentication result) and the user information of the user when the authentication is successful. As a response, it transmits to the user manager server apparatus 3 (step S5).

  In the user manager server device 3, the user authentication processing unit 62 uses the network communication unit 61 and the network interface 42 to receive the authentication result as a response to the authentication request. Receive information. When the authentication is successful, the authorization processing unit 63 refers to the authorization policy data 51, specifies the authorization information of the user (that is, the authorization policy applied to the user) (step S6), and the network Using the communication unit 61 and the network interface 42, a response indicating successful authentication is transmitted to the multi function device 1A together with the authorization information and user information (step S7).

  In the MFP 1A, the control unit 33 receives the authorization information and user information using the network communication unit 32 and the network interface 23, and provides the authorization information to the determination unit 34 (step S8). Based on the authorization information, the determination unit 34 sets, on the RAM, data indicating whether or not the use of the user is permitted for each of the predetermined functions of the multifunction peripheral 1A.

  Thereafter, the user is permitted to use the multifunction device 1A in a state where the function is restricted according to the authorization information (step S9). In the MFP 1A, the control unit 33 refers to the above-described data set by the determination unit 34 and accepts and executes only jobs that use functions permitted for the user.

  When user authentication fails, only a response indicating authentication failure is transmitted from the user manager server apparatus 3 to the multifunction device 1A. When the multifunction device 1A receives a response indicating authentication failure, the message indicating authentication failure is transmitted. Is displayed on the operation panel 21 and the use of the multifunction device 1A by the user is prohibited.

  Next, a process for supplying job data directly from the host terminal device 5 to the multi-function peripheral 1A without using the spooler 6 and causing the multi-function peripheral 1A to execute a job from the host terminal apparatus 5 will be described. . FIG. 9 is a sequence diagram for explaining processing for causing the multifunction peripheral 1A to execute a job from the host terminal device 5 in the system shown in FIG. The processing for causing the multifunction peripheral 1B to execute a job from the host terminal device 5 is the same as this.

  First, when the host terminal device 5 is activated and the operating system is activated, the login processing unit 112 displays a login screen on the display device 103. When the user operates the input device 104 to input a user name (user ID) and password on the login screen, the login processing unit 112 specifies the input user name (user ID) and password (step S21). ), Using the network communication unit 111 and the network interface 102 to access the directory server device 4 via the network 2 and request user authentication for the user name (user ID) and password based on the directory service ( Step S22). The directory server device 4 determines whether or not the user name (user ID) and password received together with the user authentication request match the user name (user ID) and password of the user registered in the directory service. Then, the directory server device 4 transmits the user authentication result to the host terminal device 5 as a response to the user authentication request (step S24).

  At this time, if the user authentication is successful, it means that the user has logged in to the directory service, and the resources registered in the directory service that are permitted to be accessed by the user can be accessed. If user authentication fails, login to the directory service has failed, and the user cannot perform operations other than the login operation again.

  Thereafter, the driver program 101a is executed in accordance with an instruction by a user operation or an application program, and when the job processing unit 122 of the driver 113 detects the occurrence of a job request (for example, a print execution request in the multifunction peripheral 1A) based on the user operation or the like (step (S25) The ticket processing unit 121 transmits a job ticket issue request to the user manager server device 3 via the network 2 (step S26). In the user manager server device 3, when the ticket issuance processing unit 64 receives the issuance request, the directory service verifies whether the issuance requesting user has logged in to the directory service (step S27), and the issuance request. Only when the original user has logged in to the directory service, a job ticket for the user is generated (step S28). Then, the ticket issuance processing unit 64 transmits the job ticket, the authorization information applied to the user (authorization policy for the user and / or the authorization policy for the group to which the user belongs), and the user via the network 2. Is sent to the host terminal device 5 in response to the issue request (step S29). Note that if the user who issued the issue request has not logged in to the directory service, the ticket issue processing unit 64 rejects the issue of the job ticket and transmits a response indicating the failure to issue the job ticket.

  When the ticket processing unit 121 receives the job ticket, authorization information, and user information, the ticket processing unit 121 temporarily stores them in a RAM or the like, and the job processing unit 122 limits the range based on the authorization information according to the job request in step S25. The job execution command and job data are generated (step S30). For example, when a print job is requested and color printing is prohibited by the authorization information and monochrome printing is permitted, monochrome print job execution instructions and job data can be generated, but color print job execution is possible. Instruction and job data cannot be generated. That is, the driver 113 prohibits the user from performing color printing in accordance with the authorization information (for example, the color printing item is selected by graying out the color printing and monochrome printing selection menu on the driver 113 screen). To prevent it).

  The job processing unit 122 transmits the generated job execution command and job data together with the job ticket to the multi-function peripheral 1A via the network 2 (step S31). In the case of a print job job execution command, for example, PDL (Page Description Language) data is also transmitted as job data. However, in the case of a scan job execution command, job data is not transmitted.

  When receiving the job execution instruction, job data, and job ticket, the control unit 33 of the multifunction peripheral 1A first makes an inquiry to, for example, the user manager server device 3 to verify the validity of the job ticket (step S32). If the job ticket has been properly issued to the user (that is, if the job ticket is valid), the control unit 33 executes the job in accordance with the job execution instruction (step S33). . When the job ticket is not valid, the control unit 33 rejects the job execution command and does not execute the job.

  When the execution of the job is completed, the control unit 33 transmits the execution result to the host terminal device 5 via the network 2 (Step S34). In the case of a print job job execution command, the execution result includes information indicating whether the job has been completed normally. In the case of a scan job execution command, the execution result includes an image data file generated by scanning. Including. The job processing unit 122 of the host terminal device 5 receives the execution result via the network 2 and displays or saves the execution result according to the job type. When the user manager server device 3 collects and aggregates the execution job logs of the MFPs 1A and 1B, the job log (user name, job type, etc.) executed here is the user manager server device 3 Sent to.

  Next, processing for supplying job data from the host terminal device 5 to the multifunction peripheral 1A via the spooler 6 and causing the multifunction peripheral 1A to execute a job in the system will be described. FIG. 10 is a sequence diagram for explaining a private printing process using a spooler in the system shown in FIG.

  First, when the host terminal device 5 is activated and the operating system is activated, a login process is executed as in steps S21 to S24 in FIG. 9 (step S41). As a result, if user authentication is successful in the directory service, the directory service is logged in. Thereafter, the driver program 101a is executed in accordance with an instruction from a user operation or an application program, and when the job processing unit 122 of the driver 113 detects the occurrence of a private print job request based on the user operation (step S42), the ticket processing unit 121 Similarly to steps S26 to S29 in FIG. 9, a job ticket, authorization information, and user information are acquired from the user manager server device 3 (step S43).

  When the ticket processing unit 121 receives the job ticket, the authorization information, and the user information, the ticket processing unit 121 temporarily stores the job ticket, the authorization information, and the user information, and the job processing unit 122 limits the range based on the authorization information according to the job request in step S42. The job execution command and job data are generated (step S44). The job processing unit 122 transmits the generated job execution command and job data together with the job ticket to the spooler 6 via the network 2 (step S45).

  In the spooler 6, when the network processing unit 141 receives the job execution command, job data, and job ticket from the host terminal device 5 through the network communication unit 141, the spool processing unit 142 stores and holds them in the storage device 131 (step S46). The job identification information of the job is transmitted to the user manager apparatus 3 together with the job information registration request (step S47). In the user manager device 3, the data delivery control unit 65 receives the job information registration request and the job identification information at the network communication unit 61 and registers them in the job list (step S48). The job list is stored in the storage device 41 and has a record for each job staying in the spooler 6. Each record includes a user name of the job issuer, a job name (job type, etc.), a job ID, and a job ID. The network identification information of the spooler 6 is associated with each other.

  Thereafter, the above-described user who has operated the host terminal device 5 moves to the installation location of the multifunction device 1A and performs a login operation on the multifunction device 1A. At this time, the login process to the multifunction machine 1A is executed in the same manner as in steps S1 to SS7 in FIG. 8 (steps S51 to S57).

  When an operation for selecting “private printing” in the operation menu displayed after login is performed on the operation panel 21 of the MFP 1A, the control unit 33 detects the operation (step S61), and the network communication unit 32 and the network interface are detected. 23, a print job list transmission request for the login user is transmitted to the user manager server apparatus 3 (step S62). In the server device 3, when the data delivery control unit 65 receives the transmission request using the network communication unit 61 and the network interface 42, the data delivery control unit 65 is registered in the job list in the storage device 41 and has not been executed for the user. Is extracted, a job list for the user is generated, and is transmitted to the multi function device 1A as a response to the transmission request (step S63). In the transmitted job list, job IDs and the like of each job are listed. In the MFP 1A, the control unit 33 receives the job list and displays it on the operation panel 21.

  Thereafter, the user selects one or a plurality of jobs to be printed from the job list for the multifunction peripheral 1A. When detecting the operation, the control unit 33 identifies the selected job or jobs, and transmits a print data transmission request specifying the job to the user manager server device 3 (step S65).

  In the user manager server device 3, when the data delivery control unit 65 receives the print data transmission request using the network communication unit 61 and the network interface 42, the data delivery control unit 65 receives the print data (job data) of the designated job. A print data transmission request for transmission to the MFP 1A that is the transmission source of the print data transmission request is transmitted to the spooler 6 together with the network identification information (IP address, etc.) of the MFP 1A (step S66). The data delivery control unit 65 deletes the job that has transmitted the print data transmission request to the spooler 6 from the job list.

  In the spooler 6, when the spool processing unit 142 receives the print data transmission request and the network identification information using the network communication unit 141 and the network interface 132, the job data (that is, the print data) of the job specified by the request is received. Data) is transmitted to the apparatus having the specified network identification information (that is, the multi-function peripheral 1A) together with the job execution command and job ticket accompanying the job data (step S67). The spool processing unit 142 deletes the job data and the like after transmitting the job data and the like to the designated device.

  In the MFP 1A, the control unit 33 receives the job data, the job execution instruction, and the job ticket using the network communication unit 32 and the network interface 23. When the control unit 33 receives the job execution command, job data, and job ticket, first, for example, the control unit 33 inquires the user manager server device 3 to verify the validity of the job ticket (step S68). If the job ticket has been properly issued to the user (that is, if the job ticket is valid), the control unit 33 executes the print job in accordance with the job execution command (step S69). ). Thereby, private printing is realized. When the job ticket is not valid, the control unit 33 rejects the job execution command and does not execute the print job.

  Then, when the execution of the job is completed, the control unit 33 transmits the execution result to the host terminal device 5 via the network 2 as in the case described above.

  As described above, according to the first embodiment, the user manager server device 3 transmits the authorization information applied to the user logged in to the host terminal device 5 to the host terminal device 5, and the host terminal device 5 Generates only job data that conforms to the authorization information, and transmits the generated job data to the spooler 6. The spooler 6 holds the job data when it is received from the host terminal device 5, and identifies the received job data. Information is transmitted to the user manager server device 3. After the user logs in to the multifunction device 1A, the multifunction device 1A transmits a job data transmission request to the user manager server device 3. When the user manager server device 3 receives the job data transmission request, the multifunction device 1A responds to the job data transmission request. The job data of the designated user is transmitted from the spooler 6 to the multi function device 1A.

  As a result, job data that conforms to the authorization information is generated in advance, so that it is not necessary for the multifunction peripherals 1A and 1B to perform the authorization information conformance determination. For this reason, in private printing or the like, it is possible to reduce the load on the multifunction peripherals 1A and 1B at the start of the job due to the suitability determination of authorization information.

Embodiment 2. FIG.

  In the image forming system according to the second embodiment, an ID card (in this case, an IC card) assigned to the user is used instead of the user inputting the user name into the multifunction peripheral 1A at the time of login.

  In the second embodiment, an IC card reader is connected to the multifunction device 1A, and when an ID card is brought close to the IC card reader, the control unit 33 uses the IC card reader to change the ID card from the ID card to the ID card. The ID is read and transmitted to the user manager server apparatus 3 together with the password entered in the same manner as in the first embodiment.

  In Embodiment 2, the storage device 41 of the user manager server device 3 stores in advance conversion data for associating the card ID of the ID card with the user ID of the user assigned the ID card, and the user authentication processing unit 62 receives the card ID and password, refers to the conversion data, identifies the user ID corresponding to the card ID, and performs user authentication in the directory server device 4 based on the identified user ID and the received password. .

  Note that the other configurations and operations of the devices in the system according to the second embodiment are the same as those in the second embodiment, and a description thereof will be omitted.

  Here, an IC card is used as the ID card, but a card (magnetic card or the like) having a recording medium of another method may be used. In that case, a reader capable of reading the card ID from the card of the system is used instead of the IC card reader. Furthermore, instead of the ID card, biometric information such as a fingerprint may be used. In that case, a reader capable of acquiring the biological information from the user is used instead of the IC card reader, and a feature amount obtained from the biological information is used as the ID.

Embodiment 3 FIG.

  In the first embodiment, the host terminal device 5 requests user authentication by directly accessing the directory server device 4, but requests user authentication from the user manager server device 3 in the same manner as the multifunction devices 1A and 1B. The user manager server device 3 may perform user authentication with the directory server device 4.

  In this case, the host terminal device 5 may be provided with a reader similar to that in the second embodiment, and login to the directory service may be performed using an ID card or the like. In that case, the user manager server device 3 converts the card ID of the ID card into a user ID (user name) in the same manner as in the second embodiment.

  Each embodiment described above is a preferred example of the present invention, but the present invention is not limited to these, and various modifications and changes can be made without departing from the scope of the present invention. It is.

  For example, in each of the above embodiments, local users and domain users are mixed and included in the local group, but there may be a local group including only local users or a local group including only domain users.

  In each of the above embodiments, the user manager server device 3 is connected to another network different from the network 2 without being connected to the network 2, and is connected to the directory server device 4 in the other network and the network 2. The user manager server device 3 and the directory server device 4 may perform data communication via another network. However, the host terminal device 5 has a network configuration capable of accessing the necessary server device 3 and / or server device 4.

  In each of the above-described embodiments, the multifunction peripherals 1A and 1B are used as the image forming apparatus, but a printer, a copier, or the like may be used instead. In each of the above embodiments, there are two image forming apparatuses in the system, but it is also possible to use one or three or more image forming apparatuses.

  In each of the above embodiments, the authorization information may include an access authority level to the multifunction device. For example, either an administrator or a general user is set as the access authority level. In the case of an administrator, functions that cannot be used by general users, such as maintenance, can be used.

  In each of the above embodiments, the driver program may be recorded on a portable recording medium, and the driver program may be installed from the recording medium to the host terminal device 5.

  The present invention can be applied to, for example, a network system having a plurality of image forming apparatuses.

1A, 1B MFP (an example of an image forming apparatus)
2 Network 3 User Manager Server Device 4 Directory Server Device 5 Host Terminal Device 6 Spooler 42 Network Interface 62 User Authentication Processing Unit 63 Authorization Processing Unit 64 Data Distribution Control Unit

Claims (5)

A host terminal that outputs job data to the network;
A spooler that holds the job data output from the host terminal device to the network;
An image forming apparatus that receives the job data from the spooler and executes a job based on the received job data;
A user manager server device connected to the network and providing authorization information for identifying a function permitted to be used in the image forming apparatus to a group or a user;
A directory server device that provides directory service and has domain group and domain user registration information ;
The user manager server device has registration information of a local user separately from the domain user, and registration information of a local group including the domain user and / or the local user, and the domain group and the local group Having an authorization policy that can be set separately for the domain user and the local user, and identifying authorization information applied to a user logging in to the host terminal device based on the authorization policy, Sending the identified authorization information to the host terminal device;
The host terminal device acquires the authorization information, generates only job data that conforms to the acquired authorization information, transmits the generated job data to the spooler,
When the spooler receives the job data from the host terminal device, the spooler transmits identification information of the received job data to the user manager server device,
The image forming apparatus transmits a job data transmission request to the user manager server apparatus after the user logs in to the image forming apparatus,
The user manager server device, upon receiving the job data transmission request, causes the job data of the user specified by the job data transmission request to be transmitted from the spooler to the image forming device;
An image forming system. In the user manager server device that provides authorization information that identifies the functions that are allowed to be used by the user,
A network interface connected to the network;
In addition to the domain user of the directory service provided by the directory server device, the local user registration information and the registration information of the domain user and / or the local group including the local user are stored, and the directory service domain group A storage device for storing an authorization policy that can be set separately for the local group, the domain user, and the local user;
Based on said authorization policy by logging the host terminal device to identify the authorization information that applies to the user is, the identified said authorization information is transmitted using the network interface Previous Symbol hosting terminal authorization A processing unit;
Using the network interface, the job data identification information is received from a spooler that holds job data output from the host terminal device to the network, and transmitted after the user logs in to the image forming apparatus. When receiving a job data transmission request, a data delivery control unit that transmits the job data of the user specified by the job data transmission request from the spooler to the image forming apparatus;
A user manager server device comprising:   3. The user manager server apparatus according to claim 2, wherein the data delivery control unit notifies the spooler of network identification information of an image forming apparatus that has transmitted the job data transmission request.   The data delivery control unit generates a job list corresponding to the job data held in the spooler based on the identification information of the job data, and the job list specified by the job data transmission request is included in the job list. 3. The user manager server apparatus according to claim 2, wherein job data is transmitted from the spooler to the image forming apparatus.   5. The user manager server apparatus according to claim 4, wherein the job list includes only the job data for the user who is logged in to the image forming apparatus.

Images