Command line usage

Before using Policy Manager, ensure that you fulfill the requirements listed in Requirements.

Policy Manager is in the \Reference Implementation\Command Line Tools directory on the DVD. To run the tool, use the following syntax:

java -jar AdobePolicyManager.jar  
<i class="+ topic ph hi-d="" i "="">
  command filename [options] 
</i class="+ topic>

The following table contains descriptions of the command line actions shown in the syntax above:

Command line action Description
new Creates a new policy.
detail Describes an existing policy.
update Updates an existing policy.

The following table describes the command line options that can be specified along with the syntax above:

Command line option

Description

-c configfile

Specifies the location of the configuration file. If this option is not used, the Policy Manager will look for flashaccesstools.properties in the working directory. Options specified on the command line take precedence over those present in the configuration file.

-o

If the destination file already exists, overwrite it without prompting.

-noprompt

Do not ask if the destination file should be overwritten. If the destination file already exists and -o is not set, an error will be returned.

-root

Indicates the policy has a root license. Not allowed for updates.

-e date

The date before which licenses will be valid. Specify as yyyy-mm-dd or yyyy-mm-dd-h24:min:sec . For example, 2008-12-1 or 2008-12-1-00:00:00 for midnight on December 1, 2008. The value must be greater than the value of -s , if present. This option cannot be used with -r . To remove the end date when updating a policy, use -e without specifying a date.

-r minutes

The duration (minutes) that content protected with this policy is valid, beginning when the content is protected with the packager. The value must be non-negative. This option cannot be used with -e . To remove the duration when updating a policy, use -r without specifying a number of minutes.

-s date

The date after which licenses will be valid. Specify as yyyy-mm-dd or yyyy-mm-dd-h24:min:sec . For example, 2008-12-1 or 2008-12-1-00:00:00 for midnight on December 1, 2008. The value must be less than the value of -e , if present. This option cannot be used with -r . To remove the start date when updating a policy, use -s without specifying a date.

-w minutes

The playback window (the number of minutes the content may be viewed, beginning from the first playback). If this option is not specified or if -w is used without specifying the number of minutes, there is no playback window limitation. The value must be non-negative.

-l minutes

The license caching duration in minutes, which is the time a license will be allowed to be cached in the client's License Store after the license has been issued by the server. The value must be non-negative. Specify -l 0 to indicate license caching is not permitted. Use -l without specifying a number of minutes for unlimited license caching.

-ldate date

The license caching end date (the date after which licenses may not be cached in the client's License Store, after the license has been issued by the server). Specify as yyyy-mm-dd or yyyy-mm-dd-h24:min:sec . For example, 2008-12-1 or 2008-12-1-00:00:00 for midnight on December 1, 2008. Use -l without specifying a number of minutes for unlimited license caching.

-authNS

The authentication namespace. If specified, the client should authenticate with a user name and password issued by the specified authority. This option cannot be used with -x . It is not allowed for updates.

-x

Allow anonymous access. This option cannot be used with -authNS . It is not allowed for updates.

-air pubId [: appId [:[ min ]:[ max ]]]

An allow list of AIR applications allowed to play protected content. Use this to restrict which publishers, applications, and versions may access content protected with this policy.

If appId is not specified, all applications for publisher pubId are allowed.

min and max version numbers are optional.

Multiple -air options may be specified to allow multiple applications. If no AIR or SWF applications are specified, all applications may access this content. During an update, use -air without the remaining arguments to remove all entries from the list.

-drmBlacklist name / value pairs

The DRM clients restricted from accessing protected content. The value consists of comma separated name:value pairs with the following format:

os | release= stringValue

For example, os=Win,release=2.0.1 . During an update, use -drmBlacklist without the remaining arguments to remove all entries from the list.

-drmLevel int

Indicates that DRM clients must have the specified minimum security level to access protected content.

-opAnalog NO_PROTECTION | USE_IF_AVAILABLE | REQUIRED | NO_PLAYBACK | ACP_REQUIRED | CGMS-A_REQUIRED | USE_ACP_IF_AVAILABLE | USE_CGMS-A_IF_AVAILABLE

Analog output protection constraints.

-opDigital NO_PROTECTION | USE_IF_AVAILABLE | REQUIRED | NO_PLAYBACK

Digital output protection constraints.

-runtimeBlacklist name / value pairs

The application runtimes restricted from accessing protected content. The value consists of comma separated name:value pairs with the following format:

os | application | release= stringValue

For example, os=Win,release=2.0.1,application=AIR . During an update, use -runtimeBlacklist without the remaining arguments to remove all entries from the list.

-runtimeLevel int

Indicates that the application runtimes must have the specified minimum security level to access protected content.

-swf url

-swf file= swf_file , time= max_time_to_verify

An allow list of SWF applications allowed to play protected content. Multiple -swf options may be specified to allow multiple applications. If no AIR or SWF applications are specified, all applications may access this content. During an update, use -swf without the remaining arguments to remove all entries from the list. To identify a SWF by its hash value, specify the SWF file for which to compute the hash and the maximum time to allow for SWF verification to complete (in seconds).

-k name= value

Specifies custom key/values to add to the policy. Multiple -k options may be specified. During update, use -k without the remaining arguments to remove all properties. The interpretation or handling of this data is completely up to the implementation of the Adobe Access license server.

-p name= value

Adds a custom property, which will appear in the license generated for each client. Multiple -p options may be specified to add multiple properties. During an update, use -p without the remaining arguments to remove all properties. The interpretation or handling of this data is completely up to the implementation of the client application.

On this page

Adobe Summit Banner

A virtual event April 27-28.

Expand your skills and get inspired.

Register for free
Adobe Summit Banner

A virtual event April 27-28.

Expand your skills and get inspired.

Register for free
Adobe Maker Awards Banner

Time to shine!

Apply now for the 2021 Adobe Experience Maker Awards.

Apply now
Adobe Maker Awards Banner

Time to shine!

Apply now for the 2021 Adobe Experience Maker Awards.

Apply now