JP5539073B2 - Authentication system, authentication service control method, program - Google Patents

Description

  The present invention relates to a technique for controlling activation of a user authentication service in a device in which a plurality of user authentication systems can be incorporated.

  Conventionally, there are devices such as copiers and MFPs (multifunction peripheral devices) that can be connected to a network. A user who uses these devices can use the functions of the device not only from the operation panel of the device body but also from a terminal on the network via the network. HTTP (Hyper Text Transfer Protocol) is known as a network protocol for using device functions. In addition to this, various things such as SOAP (Simple Object Access Protocol) and vendor-specific protocols are known.

  Furthermore, the device includes an authentication system that identifies a user who uses the function of the device via an operation panel of the main body or a network. Furthermore, in addition to the authentication mechanism provided from the time of shipment from the factory, there is a device that enables additional installation of an authentication system created later by a software program. The device administrator can select and activate one authentication system to be actually used from among a plurality of authentication systems installed in the device (see, for example, Patent Document 1 below).

JP 2004-264890 A

  However, the authentication system additionally installed in the device does not necessarily include an authentication mechanism for all access means included in the device. For example, an authentication system may only support authentication for an operation panel of a device body and authentication for some network protocols as an authentication mechanism for an access unit. In this case, there is a problem that the access method that can be used by the user is limited by the authentication system, and the convenience is impaired.

  Further, in order to avoid the above problems, a device having a plurality of conventional authentication systems often starts up a device-specific authentication system (an authentication system that the device is equipped with from the factory). Convenience is ensured by simultaneously starting up the additionally installed authentication system and the device-specific authentication system so that both authentication systems can be used. However, it is not preferable in terms of security that a plurality of authentication systems having different account repositories and different security strengths can be activated simultaneously to use the device on the same device.

  Therefore, in the conventional device, the additionally installed authentication system cannot control the availability of the device-specific authentication system. For example, when importance is attached to the convenience, a device-specific authentication system is used, and when security is important, the selective control of suppressing the use of the device-specific authentication system cannot be performed.

  By the way, it is desirable to ensure convenience even when the additionally installed authentication system cannot perform the selective control as described above. Further, if the user (device user) can perform the selective control as described above, the convenience is enhanced, but in that case, it is necessary to pay attention to ensuring security.

  The present invention has been made to solve the above-described problems of the prior art, and an object of the present invention is to enable the first authentication system to control whether or not the authentication service can be used in the second authentication system. It is to provide an authentication system and the like.

  To achieve the above object, an authentication system of the present invention includes a first authentication system having a plurality of first authentication services for performing user authentication and a second authentication system having a plurality of second authentication services for performing user authentication. An authentication system having an authentication system, wherein the second authentication system is activated by the same type of authentication service as the authentication service of the second authentication system among the plurality of first authentication services. Confirmation means for confirming whether or not the first authentication service of the same type as the first authentication service confirmed not activated by the confirmation means may be activated, Inquiry means for making an inquiry to the authentication system, and starting the second authentication service of the same type as the first authentication service according to the result of the inquiry by the inquiry means And having a control means for controlling.

  A computer-readable storage medium storing the program according to claim 7 constitutes the present invention.

  According to the present invention, the first authentication system can control whether or not the authentication service can be used in the second authentication system.

It is a block diagram which shows the network structure containing the authentication system which concerns on the 1st Embodiment of this invention. 2 is a block diagram illustrating a hardware configuration of the image forming apparatus. FIG. 2 is a block diagram illustrating a software configuration and stored information of the image forming apparatus. FIG. It is a figure which shows an example of the interface for application management. It is an example of a display of a user interface on an operation panel. It is a conceptual diagram which shows an example of the setting content of starting setting information, and a conceptual diagram which shows the setting example of service starting setting. It is a figure which shows an example of the user interface for the relationship between starting setting information, UI, a program, and service starting setting, and start / stop setting. It is a figure which shows the structural example of a 1st authentication system. It is a flowchart of the starting process of the 2nd authentication system in the structure which does not use / uses a setting function in this Embodiment. It is a figure which shows the example by the starting state of the service in a 1st, 2nd authentication system. FIG. 6 is a block diagram illustrating a software configuration of an image forming apparatus according to a second embodiment. It is a flowchart of the starting process of the 2nd authentication system in the structure which does not use / uses a setting function in 2nd Embodiment.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

(First embodiment)
FIG. 1 is a block diagram showing a network configuration including an authentication system according to the first embodiment of the present invention. In this network, an image forming apparatus 101 and a plurality of PCs (personal computers) 102 and 103 are connected to a LAN (local area network) 105. An image forming apparatus 101 which is an example of a device is an MFP (multifunction peripheral device), a printer, a fax machine, a copier, or the like.
The image forming apparatus 101 and the PCs 102 and 103 can communicate with each other via the LAN 105. Note that a plurality of image forming apparatuses or three or more PCs may be connected to the LAN 105.

<Hardware configuration of image forming apparatus>
FIG. 2 is a block diagram illustrating a hardware configuration of the image forming apparatus 101. In the image forming apparatus 101, the CPU 2001 controls the entire image forming apparatus 101. The ROM 2002 stores software programs executed by the CPU 2001 and font data. A RAM 2003 is used for a work area of the CPU 2001, a reception buffer, and image drawing. An HDD (hard disk) 2004 records data such as software program codes and user authentication information. The operation panel 2005 includes various switches, buttons, and a liquid crystal display unit for message display (all not shown). The IC card reading device 2006 is a device for reading an IC card used for user authentication. A network interface (I / F) 2007 is an interface for connecting to a network. A printer engine 2008 performs printing on recording paper. In addition to this, the image forming apparatus 101 includes hardware components (not shown) such as a scanner and a facsimile.

<Software Configuration and Storage Information of Image Forming Apparatus>
FIG. 3 is a block diagram illustrating a software configuration and stored information of the image forming apparatus 101. The image forming apparatus 101 includes a first authentication system 304 and a second authentication system 311. In addition, a device driver group 301, an operating system 302, and an application platform 303 are provided. Furthermore, a system applet 320, a system servlet 321, a system web service 322, an applet 323, a servlet 324, and a web service 325 are provided. The image forming apparatus 101 also includes a storage device 300. The storage device 300 is assumed to be the HDD 2004 illustrated in FIG. 2 as an example. However, the RAM 2003 or an external storage may be used. With these configurations, the authentication system according to the present embodiment is configured in the image forming apparatus 101.

  The device driver group 301 is a device driver group for controlling the various types of hardware described above. The application platform 303 is an application platform for controlling installation / uninstallation, start / stop, and the like of an embedded application of the image forming apparatus 101. For example, the application platform 303 can be configured to include a JAVA (registered trademark) platform and an OSGi framework. Here, the OSGi framework is a JAVA (registered trademark) -based service platform defined by OSGi Alliance (standardization organization).

  In the application platform 303, in addition to the system application provided in the image forming apparatus 101 from the time of factory shipment, an administrator of the image forming apparatus 101 can additionally register an application. The second authentication system 311, the system applet 320, the system servlet 321, and the system Web service 322 correspond to system applications provided from the time of shipment from the factory. The application that is additionally registered corresponds to the first authentication system 304, the applet 323, the servlet 324, and the Web service 325.

  The application platform 303 provides a servlet having a user interface for managing applications. This application management interface is shown in FIG. The administrator of the image forming apparatus 101 designates an application execution file (JAR (Java (registered trademark) ARchive) file) using an application management interface (FIG. 4) via the network. Then, additional installation and management of applications can be performed.

  An execution program for executing the software is stored in a nonvolatile storage area (ROM 2002 and / or HDD 2004 storage area). These execution programs are copied to the RAM 2003 after the image forming apparatus 101 is turned on and executed by the CPU 2001. An execution file of an application additionally installed by the administrator is also recorded in the HDD 2004.

<Authentication system>
The first authentication system 304 and the second authentication system 311 are authentication systems for specifying a user who uses the image forming apparatus 101. These authentication systems are also configured as embedded applications that operate on the application platform 303. The first authentication system 304 is an authentication system that is additionally installed in the image forming apparatus 101 by the administrator of the image forming apparatus 101. A plurality of types of first authentication systems may be installed by the administrator. If the administrator has not additionally installed any authentication system, the first authentication system 304 does not exist in the image forming apparatus 101. The second authentication system 311 is an authentication system provided in the image forming apparatus 101 from the time of shipment from the factory, and is always present in the image forming apparatus 101. When the first authentication system 304 does not exist, the second authentication system 311 is always activated, and the second authentication system 311 authenticates the user.

  The first authentication system 304 and the second authentication system 311 respectively perform a first user authentication for each of a plurality of types of authentication request accesses, a “first authentication service group”, and a second user authentication. A “second authentication service group” is provided. In the present embodiment, the “first authentication service group” includes three types of local authentication service 305, HTTP authentication service 306, and SOAP authentication service 307 (FIG. 4). The “second authentication service group” includes three types of local authentication service 312, HTTP authentication service 313, and SOAP authentication service 314 (FIG. 4). Services other than these may be included in the first and second authentication service groups.

  Hereinafter, the first and second authentication service groups may be referred to as first and second authentication services. In addition, when the local authentication service, the HTTP authentication service, and the SOAP authentication service are referred to separately, they are referred to as “type of authentication service”. For example, since the local authentication service 305 and the local authentication service 312 are both local authentication services, they are referred to as the same type of authentication service. The HTTP authentication services 306 and 313 are the same type, and the SOAP authentication services 307 and 314 are the same type of authentication service. In addition, about each of these authentication services, it may describe only with a code | symbol.

  The local authentication services 305 and 312 are authentication services for authenticating a user who uses the image forming apparatus 101 from the operation panel 2005. In these authentication services, the image forming apparatus 101 displays a user interface as shown in FIG. 5A on the operation panel 2005 when there is an operation instruction as an authentication request access from a user, for example. In this user interface, the user authentication (user ID) and password input are received from the user as user authentication information, and user authentication is performed. Alternatively, as shown in FIG. 5B, a message such as “Please hold the IC card over the IC card reader” is displayed on the operation panel 2005. Then, the user authentication may be performed based on the IC card information acquired from the IC card reading device 2006 (FIG. 2) as the user authentication information.

  Information about the user authenticated by the local authentication services 305 and 312 is notified to the system applet 320 and the applet 323 via the application platform 303. The local authentication services 305 and 312 register the service name “Local Login Service” in the application platform 303 when the service is activated.

  The HTTP authentication services 306 and 313 are authentication services for authenticating a user who uses a servlet application such as the system servlet 321 or the servlet 324 using a Web browser. In these authentication services, for example, the image forming apparatus 101 detects an access (authentication request access) based on an HTTP protocol from a PC terminal (PC 102, 103, etc.) on the network, and stores the user authentication information on the PC terminal side. Operates to ask for transmission. User authentication can be performed by analyzing user authentication information included in the HTTP header received from the PC terminal. An authentication method using an HTTP header is defined in RFC2617 and RFC4559. The HTTP authentication service conforms to RFC2617 and RFC4559.

  Information on the user authenticated by the HTTP authentication services 306 and 313 is notified to the system servlet 321 and the servlet 324 via the application platform 303. The HTTP authentication services 306 and 313 register the service name “HTTP Login Service” in the application platform 303 when the service is activated.

  The SOAP authentication services 307 and 314 are authentication services for authenticating users who use Web services such as the system Web service 322 and the Web service 325. In these authentication services, for example, the image forming apparatus 101 detects an access (authentication request access) using a SOAP protocol from a PC terminal on the network and operates to request the PC terminal to transmit user authentication information. To do. User authentication can be performed by analyzing user authentication information included in the SOAP message received from the PC terminal. An authentication method using a SOAP message is defined by OASIS (Organization for the Advancement of Structured Information Standards). That is, standards such as WS-Security and WS-Trust are defined by OASIS. The SOAP authentication service conforms to these standards.

  Information about the user authenticated by the SOAP authentication services 307 and 314 is notified to the system Web service 322 and Web service 325 via the application platform 303. The SOAP authentication services 307 and 314 register the service name “SOAP Login Service” in the application platform 303 when the service is activated.

  The storage device 300 stores user authentication information 310 and 317, activation setting information 318, and service activation setting 319. The service activation setting 319 is “setting information” in which whether or not each of the second authentication services can be activated in the second authentication system 311 is set. User authentication information 310 is used by the first authentication system 304, and user authentication information 317 is used by the second authentication system 311.

  The first authentication system 304 and the second authentication system 311 include user authentication information management units 308 and 315, respectively. The user authentication information management units 308 and 315 access the storage device 300 and refer to the stored user authentication information 310 and 317. The user authentication information 310, 317 is stored by separate user registration. The user authentication information management units 308 and 315 may be configured to include a user interface for the administrator of the image forming apparatus 101 to register / edit / delete / reference user authentication information. The first authentication system 304 and the second authentication system 311 perform user authentication by comparing and verifying user authentication information acquired by each authentication service and user authentication information 310 and 317, respectively.

  The user authentication information 310 and 317 may be different in the storage area in the storage device 300 and the contents of the stored user authentication information. For example, the second authentication system 311 stores a user account and password as the user authentication information 317, whereas the first authentication system 304 uses the IC card information held by the user as the user authentication information 310. May be stored. In this case, the local authentication service 305 performs user authentication by comparing and verifying the IC card information acquired from the IC card reader 2006 and the IC card information acquired from the user authentication information 310.

  The first authentication system 304 includes an inquiry response service 309. The inquiry response service 309 is a service for responding to an inquiry about whether or not the authentication service can be activated from the second authentication system 311. The inquiry response service 309 holds “response information” in which whether or not each of the second authentication service groups can be activated by the second authentication system 311 is held, and based on this “response information” Answer the query. The response information of the inquiry response service 309 is defined by default, but may be configured so that the administrator can set or change it later.

  The inquiry response service 309 registers the service name “Default Login Activation Service” in the application platform 303 when the service is activated.

  The second authentication system 311 includes a service activation management unit (confirmation means, inquiry means, control means) 316. The service activation management unit 316 controls activation / deactivation of the second authentication service group (services 312, 313, and 314). The service activation management unit 316 can access the activation setting information 318 of the storage device 300 and change the setting value.

  FIG. 6A is a conceptual diagram illustrating an example of setting contents of the activation setting information 318. FIG. 6B is a conceptual diagram illustrating a setting example of the service activation setting 319. FIG. 7A is a diagram showing the relationship between the start setting information 318, the user interface (UI) and program for start / stop setting, and the service start setting 319. FIGS. 7B and 7C are diagrams illustrating an example of an operation screen (user interface) for setting start / stop.

<System applet 320>
A system applet 320 shown in FIG. 3 is an application that uses an operation panel 2005, and the image forming apparatus 101 is provided from the time of factory shipment. The user can use the system applet 320 after being authenticated by the local authentication service 305 or the local authentication service 312. The system applet 320 includes a user interface (UI) 701 (FIG. 7A) displayed on the operation panel 2005 in order to perform start / stop settings for the second authentication service group (312, 313, 314). The UI 701 is a “setting function” that can be used by a user who has been authenticated by the local authentication service 305 (successfully authenticated). A value set or changed by the user in the UI 701 is recorded in the service activation setting 319.

<System servlet 321>
The system servlet 321 is a servlet provided in the image forming apparatus 101 from the time of shipment from the factory, and can be used from a Web browser of a PC via a network. The user can use the system servlet 321 after being authenticated by the HTTP authentication service 306 or the HTTP authentication service 313. The system servlet 321 includes a UI 702 (FIG. 7A) for displaying an operation screen for performing start / stop setting of the second authentication service group (312, 313, 314) on the Web browser of the PC. Specifically, the UI 702 is a Web page described in HTML or the like for displaying an operation screen on a Web browser of a PC. The UI 702 is a “setting function” that can be used by a user who has been authenticated by the HTTP authentication service 306 (successfully authenticated). The value set or changed by the user in the UI 702 is recorded in the service activation setting 319.

<System Web Service 322>
The system Web service 322 is a Web service using SOAP communication that the image forming apparatus 101 has provided since factory shipment, and can be used from an application on a PC via a network. The user can use the system Web service 322 after being authenticated by the SOAP authentication service 307 or the SOAP authentication service 314. The system Web service 322 includes a Web service program 703 (FIG. 7A) for performing start / stop setting of the second authentication service (312, 313, 314). The Web service program 703 is a “setting function” that can be used by a user who has been authenticated by the SOAP authentication service 307 (successfully authenticated). The value set or changed by the Web service program 703 is recorded in the service activation setting 319.

  As described above, the UI 701, the UI 702, and the program 703 are interfaces (UI, API (Application Program Interface)) for setting start / stop of the second authentication service group (services 312, 313, and 314). These “setting functions” are for accepting the setting or change of the service activation setting 319 from an authenticated user. In the activation setting information 318 shown in FIG. 6A, whether or not each of the activation settings of the second authentication service using the UI 701, the UI 702, and the program 703 is possible, that is, whether or not the user can set or change the setting; A setting value indicating invalidity is recorded. In FIG. 6A, “TRUE” indicates that activation setting is possible (valid), and “FALSE” indicates that activation setting is not possible (invalid). It is assumed that the setting values of the items of the activation setting information 318 are all set to “FALSE” as initial values (default).

  In the service activation setting 319 (FIG. 6B), “TRUE” indicates “start” and “FALSE” indicates “not start (stop)” regarding the start / stop control of each authentication service. In the service activation setting 319, it is assumed that TRUE is recorded as an initial value when the image forming apparatus 101 is shipped from the factory.

  In FIG. 6A, values indicated by reference numerals 601 to 603 define whether or not the UI 701 can be used among the setting functions for each type of the second authentication service. Values indicated by reference numerals 603 to 606 define whether or not the UI 702 can be used among the setting functions for each type of the second authentication service. Values indicated by reference numerals 607 to 609 define whether or not the program 703 can be used among the setting functions for each type of the second authentication service. Therefore, the second authentication system 311 can provide the setting function for each type of the first authentication service (for each of the services 305, 306, and 307).

  As illustrated in FIGS. 7B and 7C, the UI 701 or UI 702 displays an item for accepting the setting for starting / stopping the second authentication service group (services 312, 313, and 314). The Among the services set in the activation setting information 318, the service that is “TRUE” is displayed on the UI 701 and UI 702, and setting or change (setting to start / not start) can be accepted.

  The system applet 320 refers to the setting values (reference numerals 601, 602, 603) of the activation setting information 318 at the time of activation, and only items (authentication service) whose setting value is TRUE are stored in the UI 701 (FIG. 7B). indicate. For example, in the example of FIG. 6A, since the values 602 and 603 of the symbols 601, 602, and 603 are TRUE, the symbols 801 and 802 (HTTP authentication service 313, SOAP authentication service 314) are displayed in the UI 701. ) Only appears.

  In addition, the system servlet 321 refers to the setting values (reference numerals 604, 605, and 606) of the activation setting information 318 when the system servlet 321 is activated, and the UI 702 (FIG. 7C) shows only items (authentication services) whose setting values are TRUE. To display. For example, in the example of FIG. 6A, since the value of the reference numeral 606 is TRUE among the reference numerals 604, 605, and 606, only the reference numeral 803 (SOAP authentication service 314) is displayed on the UI 702.

  The system Web service 322 refers to the setting values (reference numerals 607, 608, and 609) of the activation setting information 318 when the system Web service 322 is activated, and enables the Web service program corresponding to the item (authentication service) whose setting value is TRUE. (Not shown). For example, in the example of FIG. 6A, since the value of the reference numeral 608 among the reference numerals 607, 608, and 609 is TRUE, the Web service program corresponding to the HTTP authentication service 313 is used in the Web service program 703. to enable.

  In the UI 701, UI 702, and Web service program 703, when an instruction from a user is received and the setting is changed, this is reflected in the service activation setting 319 (FIG. 6B) as needed. For example, in the setting example of FIG. 7B, since the HTTP authentication service 313 and the SOAP authentication service 314 are set to “start”, the service start setting 319 (FIG. 6B) The setting value is “TRUE”. The service activation management unit 316 refers to the service activation setting 319 and controls activation / deactivation of each second authentication service. Accordingly, in the UI 701, UI 702, and program 703, the user can instruct the authentication service to be activated by selecting “activation” for the acceptable authentication service.

  Incidentally, the first authentication system 304 does not necessarily include all of the first authentication service group (services 305, 306, and 307) and the inquiry response service 309. For example, there may be a configuration including only the local authentication service 305 and the user authentication information management unit 308 as illustrated in FIG. Alternatively, there may be a configuration including only the local authentication service 305, the HTTP authentication service 306, and the user authentication information management unit 308 as illustrated in FIG. Alternatively, there may be a configuration including only the local authentication service 305, the SOAP authentication service 307, and the user authentication information management unit 308 as illustrated in FIG.

<Applet 323, Servlet 324, Web Service 325>
An applet 323 illustrated in FIG. 3 is an application that uses an operation panel 2005. The user can use the applet 323 after being authenticated by the local authentication service 305 or the local authentication service 312.

  The servlet 324 is an application that includes a servlet. The user can use the servlet 324 after being authenticated by the HTTP authentication service 306 or the HTTP authentication service 313.

  The web service 325 is an application provided with a web service. The user can use the Web service 325 after being authenticated by the SOAP authentication service 307 or the SOAP authentication service 314.

<Authentication service startup process>
Next, processing from when the image forming apparatus 101 is powered on until the authentication service of the image forming apparatus 101 becomes available will be described. When the image forming apparatus 101 is turned on, various programs are loaded from the ROM 2002 or HDD 2004 into the RAM 2003. Then, the device driver group 301, the operating system 302, and the application platform 303 are sequentially activated. Next, the application platform 303 activates the first authentication system 304 when the additionally installed first authentication system 304 is set to be activated.

  The first authentication system 304 activates a first authentication service included in itself, and registers, in the application platform 303, an instance in which each service name and an API for using each service are mounted. Next, the application platform 303 activates the second authentication system 311. Next, the activation process of the second authentication system 311 will be described with reference to the flowcharts of FIGS.

  Here, in the present embodiment, the setting function (UI 701, UI 702, program 703) is configured so that the user can change the setting of the service activation setting 319, and such a setting change cannot be performed. It is possible to configure. FIG. 9A shows the process when the user cannot change the service activation setting 319. On the other hand, when the setting change of the service activation setting 319 can be performed by the user, a process in which steps shown in FIG. 9B are added to the process in FIG. 9A is executed.

  FIG. 9A is a flowchart of activation processing of the second authentication system 311 when the setting change of the service activation setting 319 cannot be performed using the setting function in the present embodiment. This activation process starts when the image forming apparatus 101 is powered on. Alternatively, the execution may be started every time there is an authentication request access from the user.

  The service activation management unit 316 first checks activation of the first authentication service group (305, 306, 307). Then, it is determined whether or not an authentication service of the same type as the authentication service (second authentication service) included in the second authentication system 311 is activated in the first authentication system 304 (step S101).

  Specifically, the service activation management unit 316 determines activation of each type of first authentication service depending on whether a service name is registered in the application platform 303. The service names referred to here are the above-mentioned “Local Login Service”, “HTTP Login Service”, and “SOAP Login Service”. For example, if only “Local Login Service” is registered, it is determined that the local authentication service is activated, but other types of authentication services (HTTP authentication service and SOAP authentication service) are not activated.

  If an authentication service of the same type as the authentication service included in the second authentication system 311 is activated in the first authentication system 304, the service activation management unit 316 ends this process. That is, the second authentication service of the same type as the first authentication service is not activated. For example, when the local authentication service 305 is activated, the local authentication service 312 is not activated because authentication can be performed by the local authentication service 305.

  On the other hand, when the first authentication service of the same type as the second authentication service is not activated, the service activation management unit 316 sets the second authentication service as “activation determination target”. Then, the first authentication system 304 is inquired about whether or not the activation determination target can be activated (step S102). Accordingly, the authentication service of the same type that has not been activated becomes an “activation determination target”, that is, an inquiry target.

  Specifically, the inquiry is made as follows. The service activation management unit 316 checks whether the service name “DefaultLoginActivationService” is registered in the application platform 303. Thereby, it is confirmed whether or not the inquiry response service 309 is activated. If the inquiry response service 309 is activated, the service activation management unit 316 calls the inquiry response service 309 via the application platform 303 and inquires whether the activation determination target can be activated.

  Next, the service activation management unit 316 determines whether or not the inquiry in step S102 has succeeded (whether or not the activation activation target “activation determination target” has been acquired from the inquiry response service 309) (step S103). If the inquiry is successful as a result of the determination, the service activation management unit 316 controls activation / deactivation of the “activation determination target” according to the activation availability information acquired from the inquiry response service 309 (step S104). Thereafter, this process is terminated.

  As described above, in the configuration that does not use the setting function, activation / deactivation is controlled according to the inquiry response service 309 that retains default response information, or the service activation setting 319 that is set by default or by the administrator. . Therefore, the first authentication system 304 can control whether or not the second authentication system 311 can use the second authentication service.

  FIG. 9B is a part of a flowchart of activation processing of the second authentication system 311 in the configuration using the setting function in the present embodiment. The process of FIG. 9B is executed by being inserted between the “NO” determination in step S103 of FIG. 9A and step S105. That is, in the process of FIG. 9A, the second authentication system in which the process of FIG. 9B is inserted between step S103 and step S105 can change the setting of the service activation setting 319 by the user. 311 is an activation process.

  If the inquiry fails as a result of the determination in step S103, the service activation management unit 316 determines whether a first authentication service of a type different from the “activation determination target” is activated (step S201). ). As a result of the determination, the service activation management unit 316 advances the process to step S202 when the first authentication service of a type different from the “activation determination target” is activated.

  In step S202, the service activation management unit 316 uses a setting function that is different from the “activation determination target” and that can be used after successful authentication of the activated first authentication service. Set acceptance of start setting to “permitted”.

  As described above, setting the acceptance of the activation setting to “permitted” means that the setting or setting change of the service activation setting 319 (FIG. 6B) by the setting function (UI 701, UI 702, program 703) is authenticated. It is to be accepted from the user. For this purpose, in step S202, the setting value of the item corresponding to the setting function that can be used in the activation setting information 318 and the same type as the “activation determination target” is set to “TRUE”. Thereafter, the service activation management unit 316 advances the process to step S203.

  On the other hand, if the first authentication service of a type different from the “activation determination target” is not activated in step S201, the service activation management unit 316 proceeds to step S203 without executing step S202. . In step S203, the service activation management unit 316 disables all acceptance of activation settings using a setting function that can be used without receiving authentication of the first authentication service.

  These aspects are illustrated using FIG. First, as shown in FIG. 10A, consider a case where only the local authentication service 305 is activated in the first authentication system 304. For example, when the “activation determination target” is the HTTP authentication service 313, the local authentication service 305, which is a different type from the “activation determination target”, is activated. Accordingly, in step S202, the service activation management unit 316 sets, in the activation setting information 318, the activation setting permission / inhibition setting value (reference numeral 602 in FIG. 6A) of the HTTP authentication service 313 that is the “activation determination target”. TRUE ”. As a result, items for accepting the setting for starting / stopping the HTTP authentication service 313 are displayed on the UI 701 (FIG. 7A) of the system applet 320 (reference numeral 801 in FIG. 7B). Then, the user can set the start / stop (that is, start / not start) of the HTTP authentication service 313 using this reception item.

  In this case, in step S203, accepting a setting function that can be used without receiving authentication of the first authentication service becomes “impossible”. That is, the values of reference numerals 604 to 609 in FIG. 6A are set to “FALSE”.

  In a similar case (shown in FIG. 10A), consider a case where the “activation determination target” is the SOAP authentication service 314. In this case, the service activation management unit 316 sets, in the activation setting information 318, the activation setting permission / inhibition setting value of the SOAP authentication service 314 that is the “activation determination target” (reference numeral 603 in FIG. 6A) “TRUE”. Set to. As a result, items for accepting the setting for starting / stopping the SOAP authentication service 314 are displayed on the UI 701 (FIG. 7A) of the system applet 320 (reference numeral 802 in FIG. 7B). Then, the user can set activation / deactivation of the SOAP authentication service 314 using this acceptance item.

  For the reference numerals 601 to 609 in FIG. 6A, once the value is set to “TRUE”, it is maintained until it is set to “FALSE” by the process of step S203 in FIG. Is done. Therefore, in the case shown in FIG. 10A, when the authentication request access of the HTTP authentication service 313 and the authentication request access of the SOAP authentication service 314 are made regardless of the order, the UI 701 is shown in FIG. Two such received items are displayed.

  When the HTTP authentication service 306 is activated and the “activation determination target” is the SOAP authentication service 314, the service activation management unit 316 includes the code of FIG. 6A in the activation setting information 318 in step S202. The value of 606 is set to “TRUE”. As a result, as shown in FIG. 7C, the UI 702 of the system servlet 321 displays items for accepting the setting for starting / stopping the SOAP authentication service 314.

  Note that the processes of FIGS. 9A and 9B may be performed in parallel. For example, in the case shown in FIG. 10A, when both the HTTP authentication service 313 and the SOAP authentication service 314 are “startup determination targets”, reference numerals 602 and 603 in FIG. Is set to “TRUE”.

  Note that in step S203 in FIG. 9B, accepting activation settings using a setting function that is different from the “activation determination target” and that can be used after successful authentication of the first authentication service that has not been activated. All were set to “impossible”. However, as long as it is limited to preventing inappropriate use by anonymous users, it is not limited to this, and only accepting the activation setting of “activation determination target” using the setting function is set to “impossible”. Also good. Also, accept all startup settings using the setting function that can be used after successful authentication of the first authentication service that is the same type as the “startup judgment target” and has not been started. Also good.

  After the process in step S203, the service activation management unit 316 advances the process to step S105 in FIG. When settings are changed using the UI 701, UI 702 (illustrated in FIGS. 7B and 7C), the program 703, etc., according to the availability specified by the activation setting information 318, this is changed to the service activation setting 319 as needed. Reflected. Accordingly, in step S105 after the processing of FIG. 9B, if the setting has been changed by the user so far, the start / stop control based on the service start setting 319 after the setting change is performed. become. Alternatively, the service activation setting 319 after the setting change may be configured to be referred to by the service activation management unit 316 when the image forming apparatus 101 is activated next time.

  In addition, after the process of step S202 or step S203, the acceptance period of the starting setting using UI701, UI702, and program 703 may be ensured, and step S105 may be performed after that. Then, the possibility that the next step S105 can be executed with the content of the service activation setting 319 updated is increased.

  Incidentally, the arrows shown in FIGS. 10A to 10C indicate the flow of starting / stopping the second authentication service for the user. As described above, in the example of FIG. 10A, only the user authenticated by the local authentication service 305 is permitted to set the start / stop of the HTTP authentication service 313 or the SOAP authentication service 314 using the UI 701. As a result, only the user authenticated by the local authentication service 305 can be authenticated using the second authentication system 311, and the anonymous user inappropriately uses the device-specific second authentication system 311. Is prevented. Also, the setting for starting / stopping the second authentication service using the system servlet 321 or the system Web service 322 is not permitted. Thereby, security is ensured.

  FIG. 10B illustrates a case where the local authentication service 305 and the HTTP authentication service 306 are activated and the SOAP authentication service 314 is “activation determination target”. In the process of step S202 in FIG. 9B, the service activation management unit 316 sets the setting values (reference numerals 603 and 606 in FIG. 6A) in the activation setting information 318 to “TRUE”. As a result, the user can set the start / stop of the SOAP authentication service 314 using the UI 701 of the system applet 320 and the UI 702 of the system servlet 321.

  FIG. 10C illustrates a case where the local authentication service 305 and the SOAP authentication service 307 are activated, and the HTTP authentication service 313 becomes “activation determination target”. In the process of step S202 in FIG. 9B, the service activation management unit 316 sets the setting values (reference numerals 602 and 608 in FIG. 6A) in the activation setting information 318 to “TRUE”. As a result, the user can set the start / stop of the HTTP authentication service 313 using the UI 701 of the system applet 320 and the Web service program 703 of the system Web service 322.

  According to the present embodiment, the first authentication system 304 controls whether or not the second authentication service group can be used in the second authentication system 311 according to the setting content of the response information of the inquiry response service 309. Is possible.

  Even if the inquiry to the inquiry response service 309 fails, the activation / deactivation target of the activation determination target is determined according to the setting contents of the predetermined service activation setting 319 (FIG. 6B) by the process of FIG. Stop is controlled. Accordingly, whether or not the second authentication service group can be used in the second authentication system 311 can be determined in advance on the first authentication system 304 side.

  In addition, by providing the processing of FIG. 9B, even when the inquiry to the inquiry response service 309 fails, the user can use the setting function that can be used after successful authentication of the first authentication service, It is possible to set whether to activate the second authentication service. Thereby, since the user can control the availability of the second authentication service, convenience is ensured. Moreover, since the user is limited to a user who has been successfully authenticated by the first authentication system, inappropriate use by an anonymous user can be prevented and security can be ensured.

(Second Embodiment)
In the first embodiment described above, the second authentication system 311 is configured to inquire of the first authentication system 304 whether the second authentication service can be activated. On the other hand, in the second embodiment, the first authentication system 304 is configured to have a function of requesting (requesting) each activation of the second authentication service to the second authentication system 311. The The second embodiment will be described with reference to FIGS. 11 and 12 instead of FIGS.

  FIG. 11 is a block diagram illustrating a software configuration of the image forming apparatus 101 according to the second embodiment. Although not shown, the image forming apparatus 101 includes a device driver group 301, an operating system 302, and an application platform 303. In addition, a system application (reference numerals 320, 321, and 322), an additionally registered application (reference numerals 323, 324, and 325), and a storage device 300 are also provided. These configurations are the same as those in the first embodiment.

  The first authentication system 304 does not include the inquiry response service 309, but a second authentication service activation request unit (request means) 1001 for requesting the second authentication system 311 to activate the second authentication service. Is provided. The second authentication system 311 includes a service activation request reception service (reception unit) 1002 that receives a request for activating the second authentication service from the second authentication service activation request unit 1001 of the first authentication system 304. Prepare.

  The request for starting the second authentication service is made for each of the second authentication service groups, and can be set by the administrator of the image forming apparatus 101. The request for starting the second authentication service is transmitted at an arbitrary timing according to an instruction from the administrator. Alternatively, a reservation may be made and transmitted when the image forming apparatus 101 is turned on next time.

  Also in the present embodiment, the configuration is configured such that the user can change the setting of the service activation setting 319 using the setting function (UI 701, UI 702, program 703), and the configuration in which such a setting change cannot be performed. Is possible. A configuration in which the setting of the service activation setting 319 by the user cannot be changed and a configuration in which the user can change the setting correspond to the processes in FIGS.

  FIG. 12A is a flowchart of the activation process of the second authentication system 311 in a configuration that does not use the setting function in the present embodiment. The execution start condition is the same as in FIG.

  First, in step S301, the service activation management unit 316 executes processing similar to that in step S101 in FIG. If a first authentication service of the same type as that of the second authentication service is activated, the service activation management unit 316 ends this process. On the other hand, if the first authentication service of the same type as the second authentication service has not been activated, the service activation management unit 316 selects the second authentication service of the same type as the authentication service related to the authentication request access. “Startup judgment target”. Then, the service activation management unit 316 determines whether or not the service activation request reception service 1002 has received the activation request from the second authentication service activation request unit 1001 for this “activation determination target” (step S302). ).

  As a result of the determination, if an activation request for “activation determination target” is received, the service activation management unit 316 controls activation / deactivation of “activation determination object” in accordance with the activation request (step S303). Thereafter, this process is terminated. On the other hand, when the activation request for “activation determination target” is not received, the service activation management unit 316 performs the same processing as in step S105 of FIG. That is, the activation / deactivation of the “activation determination target” is controlled according to the setting contents of the service activation setting 319 (FIG. 6B) (step S304). Thereafter, this process is terminated.

  By such processing, activation / deactivation of the “activation determination target” is controlled according to the content of the activation request in the second authentication service activation request unit 1001. Even when the activation / deactivation control of the “activation determination target” by the activation request in the second authentication service activation request unit 1001 cannot be performed, the setting contents of the predetermined service activation setting 319 (FIG. 6B) Accordingly, activation / deactivation of the activation determination target is controlled. Therefore, the first authentication system 304 can control whether or not the second authentication service group in the second authentication system 311 can be used. In this respect, an effect similar to that of the first embodiment can be obtained.

  FIG. 12B is a part of a flowchart of activation processing of the second authentication system 311 in the configuration using the setting function in the present embodiment. The step process of FIG. 12B is inserted and executed between “NO” determination in step S302 of FIG. 12A and step S304. The processing content of FIG.12 (b) is the same as step S201-S203.

  In this way, by providing the processing of FIG. 12B, it is possible to cope with the case where the activation / stop of the “activation determination target” cannot be controlled by the activation request in the second authentication service activation request unit 1001. That is, the user can set whether to activate the second authentication service by using a setting function that can be used after successful authentication of the first authentication service. Therefore, while ensuring convenience, inappropriate use by an anonymous user can be prevented and security can be ensured. In this respect, an effect similar to that of the first embodiment can be obtained.

  Note that the image forming apparatus 101 may include three or more authentication systems including the first authentication system 304 and the second authentication system 311. As a modification, the first authentication system 304 and the second authentication system 311 can be configured as the opposite positions to those in the above embodiments. The second authentication system 311 may be configured to control whether or not the first authentication service group in the first authentication system 304 can be used.

(Other examples)
The present invention can also be realized by executing the following processing. That is, software (program) that realizes the functions of the above-described embodiments is supplied to a system or apparatus via a network or various storage media, and a computer (or CPU, MPU, etc.) of the system or apparatus reads the program. It is a process to be executed.

  Although the present invention has been described in detail based on preferred embodiments thereof, the present invention is not limited to these specific embodiments, and various forms within the scope of the present invention are also included in the present invention. included. A part of the above-described embodiments may be appropriately combined.

Reference Signs List 101 Image forming apparatus 304 First authentication system 309 Inquiry response service 311 Second authentication system 316 Service activation management unit 319 Service activation setting 1001 Second authentication service activation request unit 1002 Service activation request reception service

Claims (7)

An authentication system having a first authentication system having a plurality of first authentication services for performing user authentication and a second authentication system having a plurality of second authentication services for performing user authentication,
The second authentication system includes:
Confirming means for confirming whether or not an authentication service of the same type as the authentication service of the second authentication system among the plurality of first authentication services is activated;
Inquiry means for inquiring the first authentication system as to whether or not the second authentication service of the same type as the first authentication service confirmed not to be activated by the confirmation means may be activated,
An authentication system comprising: control means for controlling activation of a second authentication service of the same type as the first authentication service according to a result of an inquiry by the inquiry means.   The control means, when an inquiry by the inquiry means fails, controls activation of a second authentication service of the same type as the first authentication service according to a predetermined setting. 1. The authentication system according to 1.   The first authentication system holds response information in which whether or not each of the second authentication services may be activated in the second authentication system, and in response to an inquiry by the inquiry means The authentication system according to claim 1, wherein a response is made in accordance with the response information. An authentication system having a first authentication system having a plurality of first authentication services for performing user authentication and a second authentication system having a plurality of second authentication services for performing user authentication,
The first authentication system has request means for requesting the second authentication system to start any one of the plurality of second authentication services,
The second authentication system includes:
Receiving means for receiving a request for activation of any of the plurality of second authentication services from the request means of the first authentication system;
Confirming means for confirming whether or not an authentication service of the same type as the plurality of second authentication services among the plurality of first authentication services is activated;
Control means for controlling the second authentication service of the same type as the first authentication service that has been confirmed not to be activated by the confirmation means to be activated when a request for activation is received by the receiving means And an authentication system. An authentication service control method in an authentication system having a first authentication system having a plurality of first authentication services for performing user authentication and a second authentication system having a plurality of second authentication services for performing user authentication. There,
In the second authentication system, a confirmation step of confirming whether or not an authentication service of the same type as the authentication service of the second authentication system is activated among the plurality of first authentication services;
In the second authentication system, whether or not the second authentication service of the same type as the first authentication service that has been confirmed not to be activated in the confirmation step may be activated. An inquiry process to inquire the system;
In the second authentication system, there is provided a control step for controlling activation of a second authentication service of the same type as the first authentication service according to a result of the inquiry in the inquiry step. Control method. A first authentication system having a plurality of first authentication services for performing user authentication; and a second authentication system having a plurality of second authentication services for performing user authentication. An authentication service control method in an authentication system having a function of requesting the second authentication system to start any one of the plurality of second authentication services,
In the second authentication system, a receiving step of receiving a request for activation of any of the plurality of second authentication services from the first authentication system;
In the second authentication system, among the plurality of first authentication services, a confirmation step for confirming whether or not an authentication service of the same type as the plurality of second authentication services is activated,
In the second authentication system, for a second authentication service of the same type as the first authentication service that has been confirmed not to be activated in the confirmation step, when a request for activation is received by the reception step, And a control step of controlling to start the authentication service.   A program for causing a computer to execute the authentication service control method according to claim 5 or 6.

Images