[IPP] Overloading Validate-Job Operation Request.

[IPP] Overloading Validate-Job Operation Request.

Manchala, Daniel Daniel.Manchala at xerox.com
Tue Oct 1 05:14:48 UTC 2013


Current day printer driver user interfaces esp. those for mobile clients need a  UI that  displays only those capabilities that a user has before submitting a job (or grey out those features that are not available to certain users who do not have the authorization / privileges / rights to use those features).  We discussed the merits of using Validate-Job.

The problem with Validate-Job as we discussed in one of our earlier IPP meetings is this (using a scenario):  If there is a request for simplex printing in the Validate-Job request it means the user interface already allowed the user to select simplex printing. The desired scenario is that the UI only present the user (at the client interface) with the capabilities they have.  So I don't know that Validate-Job is useable to check for user capabilities (that the client uses first to determine capabilities).

Using the current definition of Validate-Job, one needs to perform job programming and validate it by sending a set of attributes regarding how the user wants their job to be programmed or processed. This is not helpful for an UI (esp. mobile clients) that want to display to the user only those capabilities that the user is authorized to use (which is a sub set of all the Printer capabilities or a super set of a guest user whose capabilities are returned by a Get-Printer-Attributes request).

The request is to add a new operation "Get-User-Capabilities" wherein one submits user's credentials along with the operation request so that the operation response contains a "job-authorization-uri" which in turn can be used to obtain those capabilities of the Printer that the user has authorization to use or the operation response just contains the user's capabilities for the Printer.

In the former case, we need to make the following one small change to the IPP Transaction Based Printing spec.

Section 6.1.2 "job-authorization-uri (uri)" states:

The "job-authorization-uri" operation attribute specifies an implementation-specific URI representing an authorization or reservation code for a print job creation request. It is returned by the Validate-Job operation (section 7.2) and supplied in the Create-Job, Print-Job, and Print-URI operations (section 7.1).

This should be extended as:

The "job-authorization-uri"  would be returned by the new "Get-User-Capabilities" operation request. The authorization or reservation code represented by the "job-authorization-uri" could be used by Get-Printer-Attributes request to return the authenticated user capabilities.

The reason to make this change is because the unauthorized Get-Printer-Attributes returns a limited set of capabilities (e.g., the set of capabilities of a guest user) on a system that has authentication enabled.

If it is not acceptable to extend the semantics of "job-authorization-uri", could we create a "user-authorization-uri" that could be used to get the user's capabilities?

Thanks,
Daniel.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20131001/ff3c09ef/attachment.html>


More information about the ipp mailing list