PDF with password protection using ABAP
This blog describes the procedure to email a PDF with password protection, as an attachment. Normally, we have a scenario where we convert the OTF output of a Smartfrom, or a spool request to PDF. Using third party tools, we can password protect the PDF.
I have used a third party tool provided by “Verypdf” to encrypt the PDF with password. We can use other tools based on the type of attachments, like ZIP or RAR files to encrypt the attachment with password. “Encrypt PDF Command Line “ from Verypdf allows you to encrypt the PDF with password using windows command prompt. You can use the trial version for testing purpose. The trial version comes with some limitations as listed below.
Limitations of the trial version:
- Popup message box.
- The trial version will only process the first half pages from the original PDF file.
- Removes Outlines, Metadata, AcroForm information from some special PDF documents.
- The original PDF should have more than one page.
Note: This tool needs the command prompt to encrypt the PDF. So the Operating system where the PDF is encrypted must be windows based.If you are using background processing, then the OS of the application server must be windows based. For front end processing the OS on the front end machine must be windows based.
Once you download the tool, extract the file into a folder. Start the DOS command line window (i.e. run “cmd” command from “Start Menu”->”Run”); then run the EncryptPDF command from the command line window (EncryptPDF software can be found in your EncryptPDF decompression directory). Refer to the help file in the extracted folder for more information:
EncryptPDF -i c:\sample.pdf -o c:\out.pdf -w owner -u user -l c:\out.log
EncryptPDF -i c:\sample.pdf -w owner -u user -e 40 -p
EncryptPDF -i c:\sample.pdf -w owner -u user -e 40 -k -828
EncryptPDF -i c:\pdfdir\ -o d:\ -w owner -p -c -m -l c:\error.log
We use a similar process to encrypt the PDF. SAP provides an option to run the external operating system commands in the front end or in background as well. Configure the external command using the transaction SM69. Refer to the below screenshot for information to be maintained as part of the configuration for EncryptPDF command.
I have used the function module “SXPG_COMMAND_EXECUTE” to execute the configured external operating system command. There are other function modules in the function group “SXPT”, that can be used for external command processing. The other advantage of this FM is that you can execute the program in background as well. I have created a working directory for encryption in AL11. I have copied the EncryptPDF command line .exe file into the working directory.
Before we execute the external operating system command, the source PDF file which has to be encrypted must be created in the working directory. In this scenario, once the OTF is converted into PDF for email attachment, the PDF data(LT_ATTACH) is in the internal table of type “SOLISTI1”.
Refer to the link(http://scn.sap.com/people/pavan.vudaga/blog/2012/06/16/email-hr-payslips-as-pdf-attachment) to get more information on how to convert the spool OTF to PDF data. Using datasets, transfer the PDF content from the program to the working directory.
OPEN DATASET LV_FILE_SRC FOR OUTPUT IN BINARY MODE.
CHECK SY-SUBRC IS INITIAL.
LOOP AT LT_ATTACH INTO LS_ATTACH.
TRANSFER LS_ATTACH TO LV_FILE_SRC.
CLOSE DATASET LV_FILE_SRC.
Once the source file is created in the working directory, then the external system command can be executed. We can pass additional parameters from the ABAP program like the input file, output file and password etc to the function module “SXPG_COMMAND_EXECUTE”. When the EncryptPDF command executes successfully, then the output file with password protection is created. Using datasets, read the file content into a variable of type “XSTRING”. I had to use Xstring(LV_XSTR_CONTENT), as there were some errors when reading the file and the final output contained garbage values. Convert xstring to SOLIX(LT_ATTACH_HEX) and send the PDF attachment as an email.
CONCATENATE ‘-i’ LV_FILE_SRC ‘-o’ LV_FILE_DST ‘-u’ LV_PASSWORD INTO LV_PARAM SEPARATED BY SPACE.
CALL FUNCTION ‘SXPG_COMMAND_EXECUTE’
COMMANDNAME = ‘ZENCRYPT_PDF’
ADDITIONAL_PARAMETERS = LV_PARAM
STATUS = LV_STATUS
EXEC_PROTOCOL = LT_EXEC
NO_PERMISSION = 1
COMMAND_NOT_FOUND = 2
PARAMETERS_TOO_LONG = 3
SECURITY_RISK = 4
WRONG_CHECK_CALL_INTERFACE = 5
PROGRAM_START_ERROR = 6
PROGRAM_TERMINATION_ERROR = 7
X_ERROR = 8
PARAMETER_EXPECTED = 9
TOO_MANY_PARAMETERS = 10
ILLEGAL_COMMAND = 11
WRONG_ASYNCHRONOUS_PARAMETERS = 12
CANT_ENQ_TBTCO_ENTRY = 13
JOBCOUNT_GENERATION_ERROR = 14
OTHERS = 15.
IF SY-SUBRC <> 0.
* Implement suitable error handling here
OPEN DATASET LV_FILE_DST FOR INPUT IN BINARY MODE.
CHECK SY-SUBRC IS INITIAL.
READ DATASET LV_FILE_DST INTO LV_XSTR_CONTENT.
CLOSE DATASET LV_FILE_DST.
CHECK LV_XSTR_CONTENT IS NOT INITIAL.
CALL METHOD CL_BCS_CONVERT=>XSTRING_TO_SOLIX
IV_XSTRING = LV_XSTR_CONTENT
ET_SOLIX = LT_ATTACH_HEX.