JP2021185692A - Image processing device, control method, and program - Google Patents

Abstract

To reduce the number of times the user's authentication information is input to improve the convenience in a device configured to be able to restrict access to jobs and resources according to a logged-in user.SOLUTION: User information on a plurality of logged-in users is managed independently for each login, and when a predetermined function is executed, the number of logged-in users is confirmed by referring to managed user information. By this confirmation, when there is only one logged-in user, the logged-in user is automatically selected as a performer of the predetermined function. When there are a plurality of logged-in users, a user as the performer of a predetermined function is selected from the logged-in users.SELECTED DRAWING: Figure 4

Description

The present invention relates to an image processing device such as a multifunction device.

In recent image processing devices such as multifunction devices, there are many devices that are configured to perform user authentication and restrict access to jobs and resources according to the logged-in user. In such an image processing device, when a user performs a certain operation while logged in and the execution authority for the operation is insufficient, an authentication screen is often displayed to prompt a different user who has the authority to log in. ..

In such user session management, when a different user logs in, all information related to the user (for example, a user profile such as a user name and a user's email address, and user authority) is completely switched (hereinafter referred to as "user authority"). , Background technology example 1). In this case, immediately before logging in as a different user, the user who logged in earlier is automatically logged out (see, for example, Patent Document 1).

As for other user session management, among the user information that has already been logged in, the user profile such as the user name and the user's email address is not switched, and only the user authority is re-evaluated (hereinafter, background technology example 2). Is. As a re-evaluation method in this case, the authority of the user who logged in later is often added to the user authority of the user who logged in earlier.

Japanese Unexamined Patent Publication No. 11-25040

FIG. 16 is a timing chart showing the user session management of the background technology example 1.

Item 4001 in the figure represents a user profile such as a user name or a user's email address that is actually applied in the user session. Item 4002 represents a user authority. Item 4003 represents the login user information stored in association with the user session by the image forming apparatus in order to determine the contents of items 4001 and 4002. Further, FIG. 17 is a tabular diagram showing user profiles and user authority settings of users A and B used in FIG.

According to the background technology example 1, user information is input on the login screen at time t401, and the user A logs in. The user A is permitted to make a color copy according to the setting information of FIG. 17, and can execute the color copy.

Next, the network management function is to be executed at time t402, but since the user A is prohibited from the network management function, the user who has the authority is required to authenticate. By inputting the authentication information of the user B here, the user A logs in as the user B as an administrator. At this point, the user profile 4001 is changed to user B, such as 4021, and the user authority 4002 is changed to user B's authority, such as 4022.

Next, when the user B tries to execute the color copy again at the time t403, the user B is prohibited from performing the color copy, so that the authorized user is required to authenticate, and the user A's authentication information needs to be input again. Be forced.

As described above, the background technology example 1 adopts a configuration in which a logged-in user is logged out when a new user logs in. In this configuration, all the information related to the user is switched, so that there is a case where the function that was available to a certain user cannot be used when logged in as a different user. The user must log in again to re-use the feature that is no longer available. As a result, there was a problem that it was not easy to use because it was required to log in many times.

FIG. 18 is a timing chart showing user session management of Background Technology Example 2.

Reference numerals 6001 to 6003 in the figure have the same meanings as reference numerals 4001 to 4003 in FIG. In the example of FIG. 18, the user profiles and user privileges of the users A and B are set in the same manner as in the example of FIG.

At time t601, enter user information on the login screen and log in as user A. According to the setting information in the example of FIG. 17, the user A is permitted to perform color copying as an available function, and can execute color copying.

At the next time t602, the network management function is to be executed, but since the user A is prohibited from the network management function, the user who has the authority is required to authenticate. By inputting the authentication information of the user B here, the user A logs in as the user B as an administrator. At this point, the user profile 6001 remains user A (see 6021 in FIG. 18), but the user privilege 6002 changes all the items granted to user A and user B to allowed (6022 in FIG. 18). reference).

When the color copy is to be executed again at the next time t603, the authority of the user A is valid, so that the color copy can be executed again without displaying the authentication screen.

As described above, in the background technology example 2, if either the user who logged in earlier or the user who logged in later is permitted, the authority is re-evaluated so as to be permitted. Therefore, the function that was available as a certain user does not become unusable even if the user logs in as a different user, and the convenience is improved.

However, it is intuitive for the user whether the user profile such as the user name or the user's e-mail address remains the user profile of the user who logged in earlier or is switched to the user profile of the user who logged in later. Hateful.

For example, suppose that there is an image processing device that has an e-mail sending function and automatically sets the e-mail address of the logged-in user as the sender address of the sent e-mail. When it is necessary to change certain management setting items while logging in to this image processing device as user A, and after logging in again as user B who is the administrator and changing the settings, when an e-mail is sent, the user A and It is difficult to know which of user B is automatically set. Similar issues include unintended user data such as unintended print jobs for unintended users, unintended fax sender names, and unintended personal data such as routine tasks and address books. You can refer to it.

In view of the above-mentioned conventional problems, it is an object of the present invention to provide the following image processing apparatus. That is, in a device configured to be able to restrict access to jobs and resources according to the logged-in user, the number of times the user authenticates information is input is reduced, and convenience is improved.

It also makes it easy for the user to determine which of the logged-in users the user profile is based on for the operation to execute the function.

In order to achieve the above object, the image processing device according to claim 1 includes a user authentication means for authenticating a user and a means for restricting access to a predetermined function according to a user logged in by the user authentication means. In an image processing device that allows a logged-in user to log in multiple times as another user in order to perform a predetermined function, the user information about the user who has been logged in to the multiple times is independent for each login. Management means to be managed, a confirmation means to confirm the number of logged-in users by referring to the user information managed by the management means when executing the predetermined function, and a confirmation means to be logged in by confirmation of the confirmation means. When there is only one user, the means for automatically selecting the logged-in user as the performer of the predetermined function, and when there are a plurality of logged-in users by confirmation of the confirmation means, the predetermined user. It is characterized by having a selection means for selecting a user as a performer of the function from among logged-in users.

According to the present invention, it is possible to reduce the number of times the user's authentication information is input and improve the convenience. In addition, the user can easily determine which of the users logged in multiple times the predetermined function is executed based on the user information about which user.

It is a schematic diagram which shows the structure of the system which uses the image processing apparatus which concerns on embodiment. It is a block diagram which shows the hardware composition of the image processing apparatus in FIG. It is a block diagram which shows the software structure of the image processing apparatus in FIG. It is a timing chart which shows the user session management of 1st Embodiment. It is a figure which shows the login screen. It is a figure which shows the menu screen used in 1st Embodiment. It is a figure which shows the login screen which is displayed when the authority is insufficient, which is used in 1st Embodiment. It is a figure which shows the execution user selection screen. It is a flowchart which shows the characteristic process which concerns on 1st Embodiment. It is a timing chart which shows the user session management which concerns on 2nd Embodiment. It is a tabular diagram which shows the setting of the user profile and the user authority used in FIG. This is a menu screen used in the second embodiment. It is a figure which shows the login screen which is displayed when the authority is insufficient, which is used in the 2nd Embodiment. It is a figure which shows the error screen used in the 2nd Embodiment. It is a flowchart which shows the process which concerns on 2nd Embodiment. It is a timing chart which shows the user session management of the background art example 1. FIG. It is a tabular diagram which shows the setting of the user profile and the user authority used in FIG. It is a timing chart which shows the user session management of the background art example 2.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
<System configuration>
FIG. 1 is a schematic diagram showing a configuration of a system in which the image processing apparatus according to the embodiment of the present invention is used.

This system includes a server PC (personal computer) 1000 connected on the network, a user information server device 1001, a ticket issuing server device 1002, a client PC 1003, and an image processing device 1004. This system is a print management system that restricts access to users who use the device and restricts job execution such as the number of prints. The user here includes an individual user, a department, an organization, and the like.

The system administrator utility operates on the server PC 1000 to set and manage this system. In particular, the function restriction information (hereinafter referred to as ACE) of the user information server device 1001 can be set. The user information server device 1001 has user information such as a user ID and password, and a function restriction information list (hereinafter referred to as ACL) which is a set of ACEs indicating which functions are permitted to be used for each user or device in the system. ) Is retained.

The ticket issuing server device 1002 issues a ticket describing information about available functions based on the ACL stored in the user information server device 1001. It is assumed that the client PC 1003 needs to log in to clarify which user is using the client PC when the printer driver operates and the client PC is used.

The image processing device 1004 is, for example, a multifunctional copying machine. The image processing device 1004 not only has a function of copying a paper document, but also has a function of printing print data sent from an external printer driver, reads a paper document, and transmits the image data to an external file server or an email address. It also has a function (SEND function). Furthermore, it also has a function (remote copy function, facsimile function) of transmitting data to another image processing device and printing it on the destination image processing device.

ACT is an abbreviation for Access Control Token. The ACT 1005 describes information about functions that can be executed by the user in the image processing device 1004 and information on function limitation to the image processing device 1004, and is data having a role of transmitting these information from the server to the device. ..

The above-mentioned server PC 1000, user information server device 1001, ticket issuing server device 1002, and client PC 1003 are assumed to be connected by Ethernet (registered trademark) (not shown), but are merely examples of the system. .. The server PC 1000 other than the image processing device 1004, the user information server device 1001, the ticket issuing server device 1002, and the client PC 1003 may all be configured by the same computer. Further, the server PC 1000, the user information server device 1001, the ticket issuing server device 1002, and the client PC 1003 may be mounted on the image processing device 1004 and configured only by the image processing device 1004.

<Hardware configuration of image processing device>
FIG. 2 is a block diagram showing a hardware configuration of the image processing device 1004 in FIG. 1.

The controller unit 2000 inputs / outputs image information and device information by connecting to a scanner 2070 which is an image input device and a printer 2095 which is an image output device, while connecting to a network 1008 or a public line 1009. The CPU 2001 is a controller that controls the entire system. The RAM 2002 is a system work memory for operating the CPU 2001, and is also an image memory for temporarily storing image data. The ROM 2003 is a boot ROM and stores a boot program of the system. HDD2004 is a hard disk drive and stores system software, applications, and image data.

The operation unit I / F 2006 is an interface unit with the operation unit 2012 having a touch panel, and outputs image data to be displayed on the operation unit 2012 to the operation unit 2012. In addition, it plays a role of transmitting the information input by the system user from the operation unit 2012 to the CPU 2001. The Network I / F2010 connects to the network 1008 and inputs / outputs information. MODEM 2050 connects to the public line 1009 and inputs and outputs information.

The SRAM 2100 is a non-volatile recording medium capable of high-speed operation. The RTC2110 is a real-time clock, and performs a process of continuously counting the current time even when the controller unit 2000 is not turned on. The above devices are arranged on the system bus 2007.

The Image Bus I / F 2005 is a bus bridge that connects the system bus 2007 and the image bus 2008 that transfers image data at high speed, and converts the data structure. The image bus 2008 is composed of a PCI bus or IEEE 1394. The following devices are arranged on the image bus 2008.

RIP2060 is a raster image processor that expands the PDL code into a bitmap image. The device I / F unit 2020 connects the scanner 2070 and the printer 2095, which are image input / output devices, to the controller unit 2000, and performs synchronous / asynchronous conversion of image data. The scanner image processing unit 2080 corrects, processes, and edits the input image data. The printer image processing unit 2090 performs printer correction, resolution conversion, and the like on the print output image data. The image rotation unit 2030 rotates the image data. The image compression unit 2040 performs compression / decompression processing.

<Software configuration of image processing device>
FIG. 3 is a block diagram showing a software configuration of the image processing apparatus 1004 in FIG.

This software is implemented in the controller unit 2000 built in the image processing apparatus 1004. The software built in the image processing device 1004 and processed by the controller unit 2000 is implemented as so-called firmware and executed by the CPU 2001.

The real-time OS 3001 is a real-time operating system that provides various resource management services and frameworks optimized for the control of embedded systems for software running on it.

The controller platform 3002 includes a file system 3003, a job device control 3004, and a counter 3005. The file system 3003 is a mechanism for storing data built on a storage device such as HDD 2004 or RAM 2002. The job device control 3004 controls the hardware of the image processing device 1004, and also performs a job that uses the basic functions (printing, scanning, communication, image conversion, etc.) mainly provided by the hardware of the image processing device 1004. Control. The counter 3005 manages the expiration date for each application and the counter values for printing and scanning stored in the SRAM 2100.

The system service 3006 is a module for monitoring the operating status of the image processing device 1004 and downloading software and licenses from the software distribution server 1006 via the network 1008.

The application platform 3007 is middleware for making the mechanism of the real-time OS 3001 and the controller platform 3002 available from the system application 3008 and the application 3012 that can be added. The system application 3008 includes application management 3009, user session management 3010, and access management 3011.

The application management 3009 is a management module for installing, uninstalling, starting, and stopping the application 3012. The user session management 3010 is a module that independently manages user information about users who have been logged in multiple times for each login. That is, it is a module that manages user profiles and user privileges according to user login / logout. The access management 3011 is a security module for permitting or prohibiting access to various jobs and resources based on the user authority of the user session management 3010.

Application 3012 is application software that realizes various business models by utilizing the functions provided by the application platform 3007.

<User session management of the first embodiment>
Next, the user session management of the first embodiment will be described with reference to FIG.

FIG. 4 is a timing chart showing user session management according to the first embodiment.

The user session management of the present embodiment is executed in the CPU 2001 of the image processing apparatus 1004 as a function of the user session management 3010 and the access management 3011. Reference numerals 7001 to 7003 in FIG. 4 have the same meanings as reference numerals 4001 to 4003 in FIG. 16, respectively. Further, the user profiles and user authority settings of the user A and the user B are the same as those shown in FIG.

When the user inputs user information on the login screen (FIG. 5) at time t701 and logs in as user A, the menu screen (FIG. 6) is displayed on the operation unit 2012. A login user display area 9005 is arranged at the bottom of the main menu 9000, and at this point, it is displayed that the function is being executed as the user A. The color copy function is permitted by the setting information of FIG. 17, and the user A can execute the color copy function 9001.

After the execution of the color copy function is completed, the user selects 9002 to return to the menu, returns to the main menu 9000, and tries to execute the network management function 9003 at time t702. At this time, the access management 3011 determines that the user A is prohibited from executing the network management function. In response to this, the user session management 3010 displays a login screen (FIG. 7) requesting user authentication by an authorized user.

Here, the user repeatedly logs in as user B by inputting the authentication information of user B. At this time, the user session management 3010 changes the user profile 7001 to the user B such as 7021 and the user authority 7002 to the user B authority such as 7022. However, the information related to the user A is not destroyed or changed, and is retained in the login user information 7003. At the same time, the display of the login user display area 9005 is changed as follows. That is, it is displayed that the network management function is executed as the user B among the users A and B who are logged in multiple times.

After the execution of the network management function is completed, the user selects 9002 to return to the menu, returns to the main menu 9000, and tries to execute the color copy function 9001 again at time t703. At this time, the access management 3011 determines that only the user A is permitted as the logged-in user. In response to this, the user session management 3010 sets the user profile 7001 to the user A like 7023 and the user authority 7002 to the user like 7024 based on the information related to the user A held in the login user information 7003. Change to A authority. At the same time, the display of the login user display area 9005 is changed again as follows. That is, it is displayed that the network management function is executed as the user A among the users A and B who are logged in multiple times.

After the execution of the color copy function is completed, the user selects 9002 to return to the menu, returns to the main menu 9000, and tries to execute the fax function 9004 at the time t704. At this time, the access management 3011 determines that both the logged-in user A and the user B are permitted. In response to this, the user session management 3010 displays an execution user selection screen (9060 in FIG. 8). It is assumed that the user selects, for example, user B as the execution user who is the executor who executes the fax function 9004. In this case, the user session management 3010 performs the following processing based on the information related to the user B held in the login user information 7003. That is, the user profile 7001 is changed to the user B like 7025, and the user authority 7002 is changed to the user B authority like 7026 again. At the same time, the display of the login user display area 9005 is changed again as follows. That is, it is displayed that the network management function is executed as the user B among the users A and B who are logged in multiple times.

On the other hand, when the user A is selected as the user who executes the fax function 9004, neither the contents of the user profile 7001 and the user authority 7002 nor the display of the login user display area 9005 are changed.

<Characteristic processing according to the first embodiment>
Next, the characteristic processing according to the first embodiment will be described with reference to FIG.

FIG. 9 is a flowchart showing a characteristic process according to the first embodiment. This process is a process of automatically determining execution user information at the time of function selection or determining according to user selection, and is executed by the CPU 2001 of the image processing device 1004 as a function of the user session management 3010 and the access management 3011.

When the user selects a function in step S121, the access management 3011 confirms whether or not there are a plurality of logged-in users who are permitted to execute the selected function in the next step S122. When the number of users is not plural, the user session management 3010 automatically selects the only user permitted in step S123 as the execution user. Then, the process proceeds to the next step S126.

When the number of logged-in users who are permitted to execute the selected function is a plurality, the user session management 3010 displays the execution user selection screen (FIG. 8) in step S124. Then, in the subsequent step S125, the result selected by the user is received, and based on this, the execution user of the selected function is determined. Then, the process proceeds to the next step S126.

From the above, the process of the flow from step S122 to step S126 through step S123 is, in short, the following process. That is, even if there are a plurality of logged-in users, if only one user is permitted to execute the selected function, the user is selected without prompting to be re-selected from the list of logged-in users. It is automatically selected as the execution user of the selected function.

Next, the user session management 3010 determines whether or not the execution user determined in the above procedure in step S126 is the same as the current execution user. If they are the same, the process proceeds to step S129 as it is, and the application 3012 executes the selected function. If they are not the same, the user session management 3010 changes the user profile to the determined execution user in step S127, and further changes the user authority to the determined execution user in step S128. Then, the selected function is executed in step S129.

<Advantages of the first embodiment>
According to the present embodiment, in a device configured to be able to restrict access to jobs and resources according to the logged-in user, the number of user authentication information input operations is reduced and convenience is improved. be able to.

In addition, a login user display area is provided to display which of the logged-in users the predetermined function is executed as. This allows the user to easily determine which of the logged-in users the user profile is based on for the operation to execute the function.

[Second Embodiment]
Next, a second embodiment of the present invention will be described.

The basic configuration of this second embodiment is the same as that described with reference to FIGS. 1, 2 and 3 in the first embodiment. Hereinafter, a part characteristic of the second embodiment will be described.

<User session management of the second embodiment>
FIG. 10 is a timing chart showing user session management according to the second embodiment of the present invention.

The user session management of the present embodiment is executed in the CPU 2001 of the image processing apparatus 1004 as a function of the user session management 3010 and the access management 3011. Reference numerals 5001 to 5003 in FIG. 10 have the same meanings as reference numerals 4001 to 4003 in FIG. 16, respectively.

FIG. 11 is a tabular diagram showing user profiles and user authority settings of users A and B used in FIG. 10.

The example shown in FIG. 11 is different from the example of FIG. 17 used in the first embodiment, and user type information 8001 indicating a user type (type) is registered as a user profile. User types include, for example, anonymous users and real-name users. Anonymous users are special users used by an unspecified number of people, and do not have user-specific elements such as user name information and e-mail addresses related to user names. The real name user is a user who has these user-specific elements.

When the user inputs user information on the login screen (FIG. 5) at time t801 and logs in as an anonymous user, the menu screen (FIG. 12) is displayed on the operation unit 2012. A login user display area 9015 is arranged at the bottom of the menu 9010, and at this point, it is displayed that the function is being executed as an anonymous user. The anonymous user is permitted to use the color copy function according to the setting information in FIG. 11, and can execute the color copy function 9011. Note that the login by the anonymous user may be automatically performed when the image processing device 1004 is started.

After the execution of the color copy function is completed, the user selects the menu return 9012 to return to the main menu 9010 and tries to execute the network management function 9013 at the time t802. At this time, the access management 3011 determines that the anonymous user is prohibited from the network management function. Then, the user session management 3010 displays a login screen (9070 in FIG. 13) requesting authentication by an authorized user. Here, the user repeatedly logs in as user B by inputting the authentication information of user B. At this time, the user session management 3010 changes the user profile 5001 to the user B as shown in 5021 of FIG. 10, and changes the user authority 5002 to the items permitted to the anonymous user and the user B as shown in 5022 of FIG. Change all to permission. At the same time, the login user display area 9015 is changed so that it is displayed that the user B is being executed.

After the execution of the network management function is completed, the user selects 9012 to return to the menu, returns to the main menu 9010, and tries to execute the color copy function again at the time t803. At this time, the access management 3011 determines that the color copy function is permitted by referring to the user authority 5002 shown in 5022 of FIG. As a result, the color copy function can be executed without displaying the authentication screen again, and it is displayed that the login user display area 9015 is being executed as the user B without any change.

After the execution of the color copy function is completed again, the user selects 9012 to return to the menu, returns to the main menu 9010, and executes the fax function 9014 at the time t804. At this time, the access management 3011 refers to the user authority shown in 5022 of FIG. 10 and determines that the fax function 9014 is not permitted. At this time, the user session management 3010 displays an error screen (FIG. 14) notifying that the user cannot be changed. In the second embodiment, further authentication is prohibited when the user is logged in as a real name user, and the user profile 5001 and the user authority 5002 are not changed.

When entering user information on the login screen (FIG. 5), when logging in as user A who is a real name user and trying to execute the network management function 9013, an error screen notifying that the user cannot be changed is also displayed. (Fig. 14) is displayed.

<Characteristic processing according to the second embodiment>
Next, the characteristic processing according to the second embodiment will be described with reference to FIG.

FIG. 15 is a flowchart showing the process according to the second embodiment. This process is a process of determining whether or not to authenticate again according to the logged-in user type when the authority is insufficient, and is executed by the CPU 2001 of the image processing device 1004 as a function of the user session management 3010 and the access management 3011. ..

When the user selects a function in step S131, the access management 3011 determines in step S132 whether the logged-in user is permitted to execute the selected function. If it is determined that it is permitted, the process proceeds to step S141, and the application 3012 executes the selected function. On the other hand, if it is determined that the permission is not permitted, the user session management 3010 determines whether the logged-in user is an anonymous user in step S133. If the user is not an anonymous user, the process proceeds to step S134, and an error screen (FIG. 14) is displayed.

On the other hand, if it is determined that the logged-in user is an anonymous user, the process proceeds to step S135, the login screen (for example, 9070 in FIG. 13) is displayed, and the input of the authentication information is received from the user in step S136. It is determined whether the authentication information received in step S137 is correct, and if it is not correct, the process returns to step S135 and the procedures of step S135 and step S137 are repeated. On the other hand, if the received authentication information is correct, the access management 3011 determines whether or not the execution of the selected function is permitted for the received authentication information in step S138. If it is not permitted, the process returns to step S135 and the procedure from step S135 to step S138 is repeated.

On the other hand, if the execution of the selected function is permitted, the user session management 3010 overwrites the user profile with the newly logged-in user in step S139. Subsequently, the user authority information is merged in step S140, and the selected function is executed in step S141.

<Advantages of the Second Embodiment>
Even when an anonymous user and a real name user are combined as a logged-in user, it has the same advantages as the first embodiment.

The object of the present invention is also achieved by executing the following processing. That is, a storage medium in which a program code of software that realizes the functions of the above-described embodiment is recorded is supplied to the system or device, and the computer (or CPU, MPU, etc.) of the system or device is stored in the storage medium. This is the process of reading the program code.

In this case, the program code itself read from the storage medium realizes the function of the above-described embodiment, and the program code and the storage medium storing the program code constitute the present invention.

Further, as the storage medium for supplying the program code, the following can be used. For example, floppy (registered trademark) discs, hard disks, optical magnetic discs, CD-ROMs, CD-Rs, CD-RWs, DVD-ROMs, DVD-RAMs, DVD-RWs, DVD + RWs, magnetic tapes, non-volatile memory cards, etc. ROM etc. Alternatively, the program code may be downloaded over the network.

Further, the present invention also includes a case where the function of the above embodiment is realized by executing the program code read by the computer. In addition, when the OS (operating system) or the like running on the computer performs a part or all of the actual processing based on the instruction of the program code, and the processing realizes the function of the above-described embodiment. Is also included.

Further, the present invention also includes a case where the function of the above-described embodiment is realized by the following processing. That is, the program code read from the storage medium is written in the memory provided in the function expansion board inserted in the computer or the function expansion unit connected to the computer. After that, based on the instruction of the program code, the CPU provided in the function expansion board or the function expansion unit performs a part or all of the actual processing.

1003 client PC
1004 Image processing device 2001 CPU
2002 RAM
2003 ROM
2012 operation unit

The present invention relates to an image processing device such as a multifunction device , a control method, and a program .

In order to achieve the above object, the image processing apparatus according to claim 1 is an image processing apparatus capable of executing a plurality of functions including copy processing, and the plurality of functions may be performed by an individual user. The first function that does not require authentication and the second function that requires personal authentication of the user are included at least, and it is possible to make settings that do not allow the authenticated user to use the first function. It is characterized by.

Claims (1)

It has a user authentication means for authenticating a user and a means for restricting access to a predetermined function according to the user logged in by the user authentication means, and another user for the logged-in user to execute a predetermined function. In an image processing device that can log in multiple times as
A management means for independently managing user information related to the multiple logged-in users for each login, and
When executing the predetermined function, a confirmation means for confirming the number of logged-in users by referring to the user information managed by the management means, and a confirmation means.
When the number of logged-in users is singular due to the confirmation of the confirmation means, the means for automatically selecting the logged-in user as the performer of the predetermined function and the means for automatically selecting the logged-in user.
When there are a plurality of logged-in users by the confirmation of the confirmation means, the selection means for selecting the user as the executor of the predetermined function from the logged-in users.
An image processing device characterized by being equipped with.

Images