After a tap on the button in the main menu this panel is shown. See Section 4.2, “Menu”.
All non-deleted users are listed alphabetically by default. A different selection and sorting can be entered: see Figure 4.22, “Admin Web App: User - Select and Sort”.
The list can be traversed by tapping one of the buttons at the pager at the top or bottom of the page.
An entry is displayed for each user, with identifying data and some usage statistics. From top to bottom:
The user's role or status (at the top right corner).
An inline pagometer Pie-Chart followed by the user id. The blue color in the chart represents the number of pages printed to SavaPage. The green color represents the number of pages exported to PDF. The red color depicts the pages printed to Proxy Printers.
The user id of an Internal User is shown with an orange color.
The full name and email address.
If applicable, the User Name Aliases the user is known by.
The period in which user activity was accumulated on the pagometer.
The account balance and the pagometer including the number of jobs and bytes printed to any SavaPage Queue.
The size of the user's SafePages home.
More user details are discussed in Section 126.96.36.199, “User List Item”.
Tap the Section 4.4.4, “Edit User”.button to change or delete the user. See
Deleted Users cannot be edited.
The Section 3.8.2, “Transactions” in the User Web App chapter.button brings you to the list of financial transactions on the user's account. For a detailed description of this list see
The rightmost Section 4.4.2, “Download Personal Data”.button opens a pop-up where personal user data can be downloaded. See
Due to Admin Privileges certain buttons might not be visible.
Users can be selected by Group and by entering a part (fragment) of their (display) Name or Email. So entering "son" as ID will select both "jason" and "sonja".
Select the Type, Role and (Deleted) Status. The button will select both option values.
The list can be sortedor on Name ID or Email.
Tap the button to (re)display the list.
A tap on the button resets the selection and sort fields to their default values.
The PDF and CSV buttons downloads the User List in their respective formats, using the selection item values.
The minus icon collapses the Select and Sort section.
Each Users List Item displays the resolved number of enabled and disabled User Roles, Group Roles, User Privileges and Admin Privileges objects with their respective icon. User Roles are displayed next to the User ID. Objects that are resolved by User Group membership are shown below. A green color means that the objects are enabled, a red color means they are disabled. A description of the objects is displayed as a tooltip when pointed to with the mouse. An example item is shown below.
This pop-up opens when the rightmost User List.button is pressed in an entry from the
Erased Users have their personal data cleared. Since their ID is empty, an “anonymous” placeholder with date/time of erasure is used for display.
This chapter describes the editable sections of the User entity.
Some data you edit, like the Name, Primary email, Card Number and ID Number might be overwritten by values from the user source during synchronization. See Section 188.8.131.52, “LDAP” and Section 4.11.2, “User Creation”.
The user's full Name can be edited. Remember this name can be overwritten for an external User as a result of user synchronisation. See Section 4.11.2, “User Creation”.
Assign the Administrator role by ticking the checkbox.
Tick thecheckbox to deny the user access to the SavaPage application.
When a User becomes Abstract its SafePages are removed.
User Roles are needed to access certain application objects, as shown in the table below.
Job Ticket Creator
Job Ticket Operator
Mail Ticket Operator
reserved for future use.
Print Job Creator
Print Job Delegate
Delegated Print and Users and Groups with role “Print Job Delegator” for Delegated Print.
Print Job Delegator
This is a passive role. Delegators can be accessed by users with role “Print Job Delegate”.
Print Site Operator
Table 4.2. User Roles
Each role is set with a checkbox that has three states:
Checked : The role is enabled.
Unchecked : The role is disabled.
Unchecked and grayed out: The role is indeterminate.
If a User Role is needed to access an application function, SavaPage will check if this role is enabled for the authenticated user.
When the role is indeterminate at the user level, Group Roles are checked of the groups the user belongs to. Added Groups are checked first, then the Built-in Groups, with the “All Users” group as last.
Access is granted if there is at least one group where the role is enabled.
Access is denied when the role is indeterminate or disabled in all groups.
Print Job Creator role is special: an indeterminate state at “All User” top level is interpreted as granted.
A summary of enabled/disabled roles is displayed in the User List Item.
The 3-tier group hierarchy (User Groups > Internal/External Users > All Users) is traversed bottom up, to resolve the role of individual Users only. Group hierarchy is not used to resolve roles for User Groups: roles defined at group level are fixed, and are not interpreted in the context of other groups, or individual members.
The Primary email and Other emails addresses are editable and must each be unique: they can be associated to just one User. Multiple emails must be separated by any of the characters space, comma, semicolon, or by carriage return or line feed.
When saving, all email addresses are converted to lowercase.
The PIN must be digits only. The minimum
and maximum length of a PIN are contained
in the configuration keys
user.pin-length-max. A maximum value
0 (zero) indicates the maximum is unspecified.
See Section 4.11.14, “Config Editor”
on how to change these values.
The YubiKey Public ID is used for YubiKey Authentication.
ID number must be unique: it can be associated to just one User. It is automatically generated when a user successfully logs in for the first time. The number can be re-generated by pushing the button. The number is used for Web App Login and as authentication token for Internet Print. The following configuration properties apply:
The minimum length of User ID number (manual
|Set to |
Length of generated User ID number. Minimal value:
Table 4.3. Configuration Properties for User ID number
See Section 4.11.14, “Config Editor” on how to change these values.
The UUID is used as authentication token for Internet Print and RESTful Web Services. It is automatically created when a user successfully logs in for the first time. A new UUID can be created by pushing the button.
Users can replace their own UUID. See Section 3.10.1, “Internet Printer”.
In this section the OpenPGP Public Key ID of the user can be entered. This key will be used to encrypt email send to the user. The Section 11.3, “OpenPGP Settings”.and buttons are shown when the OpenPGP key server URL is configured. They open a tab to the key server, where public keys can be searched and checked (verified). See
A new value for the user's account Balance results in a financial transaction that corrects the previous account balance. See Section 3.8.2, “Transactions”. Users are notified by a pop-up message in their active User Web App when their balance is adapted.
Set the Credit limit with one of these buttons:
: user has no credit limit, and is not restricted.
: when selected a custom credit limit can be entered.
For an Internal User Password actions are shown.
The User Web App. This gives administrators a means to disable login by user name/password, in favor of other authentication methods.button is shown when a password is set. When pressed, it erases the password and makes itself disappear again. Without an initial password, users cannot reset their password in the
A tap on the Password Reset Dialog. Use this dialog to initially set or change a password.button shows the
Press the next section describes the effect of this action.button to delete the user and return to the User List. The
Thebutton bring you back to the User List without changing anything.
The prefix of ID is contained in the
The minimum length of the Password is
contained in the configuration key
See Section 4.11.14, “Config Editor” on how to change these configuration values.
Internal Users can also be added with the Server Command Tool. See Section C.1.2, “addInternalUser”.
Deleting a User makes sense if they are not part of the user source anymore and they were not deleted as part of a bulk delete during a manual synchronization. As long as job history or account transactions for a User are present , SavaPage applies a logical delete. Any logical deleted User will be physically deleted from the database when no related job history and account transactions are present anymore. This situation will automatically occur when you enabled automatic backup in combination with the delete of old document and transaction logs.
If SavaPage synchronizes a new User from the user source, a new user instance will be created in the database, despite the fact that a logical deleted User exists with the same identifying name, i.e. the logical delete status of the "identical" user will remain as it is.
SavaPage sets up a dedicated account called
This is the master administrator account, with access to all application
functions, whose password is assigned during configuration. In large
organizations it is likely that the administrator role needs to be granted to
more than one person. One solution is to give all those persons the master
password; however a better approach is to assign the administrator role to the
network user accounts of these individual's. The advantages of this approach
Administrators can access the Admin Web App with their own username and password.
Since most administrative activity is logged in an audit trace, changes can easily be tracked back to an individual.
Access to certain parts of the Admin Web App can be set on User Group level with Admin Privileges.
Administrative users should login via
so that they are directed to the correct interface.
 A universally unique identifier (UUID) is an identifier standard used in software construction. See https://en.wikipedia.org/wiki/Universally_unique_identifier
 When a user does not print on their own, but is printed for via Delegated Print, no job history is present for that user, but (pending) transactions are.