JP5200215B2 - Image forming apparatus and image forming system - Google Patents

Description

  The present invention relates to an image forming apparatus having an image input / output function and an image forming system in which a plurality of image forming apparatuses are coupled to a network together with a management server.

  In an environment where a user can select any one of a plurality of image forming apparatuses and perform copying, printing, facsimile transmission, etc., authentication / authorization, billing management, restriction on the number of pages used, etc. for each user When performing, a plurality of image forming apparatuses are coupled to a network together with a management server, and these are processed by the management server and managed in an integrated manner.

  However, the user cannot use the image forming apparatus when the management server is unable to perform authentication / authorization due to a failure of the management server or a poor connection with a wired or wireless connection.

In view of the above, Japanese Patent Application Laid-Open No. 2004-228561 discloses a configuration in which an image forming apparatus includes local authentication means for authenticating a user by acquiring authentication information from the authentication apparatus when the access means of the image forming apparatus cannot access the authentication apparatus. Yes.
JP 2005-173816 A

  However, there are cases where the number of users is so large that user authentication information, usage quantity restrictions, cumulative usage quantity, etc. cannot be stored in the memory of the image forming apparatus. In addition, since one user can use a plurality of image forming apparatuses, it is not possible to limit the amount used.

  In view of such problems, the object of the present invention is to enable use of an image forming apparatus and unauthorized use of an image forming apparatus even when the management server cannot temporarily authenticate for some reason. It is an object of the present invention to provide an image forming apparatus and an image forming system capable of preventing or suppressing the above.

According to a first aspect of the present invention, an image forming apparatus includes a processor, a storage unit that stores a program and data, an input unit, and a communication interface, and is coupled to a management server on a network via the communication interface. In
The program is for the processor
(A) The authentication target information input via the input means is transmitted to the management server via the communication interface to request authentication.
(B) When the authentication result cannot be received from the management server, the unauthenticated information to be authenticated is stored in the storage unit, the authentication is considered successful, and the job is accepted.
(C) If the unauthenticated authenticated information exists in the storage means, the unauthenticated authenticated information is transmitted to the management server at a predetermined time.

According to a second aspect of the image forming apparatus of the present invention, in the first aspect, the image forming apparatus further includes a timer that outputs the current date and time, and the program is provided to the processor.
In the process (a), the output of the timer is read as a login attempt date and time, and the login attempt date and time is transmitted to the management server together with the authentication information.
In the process (b), the login trial date and time is stored in the storage unit together with the unauthenticated authenticated information,
In the process (c), the login trial date and time are transmitted to the management server together with the unauthenticated authenticated information.

In a third aspect of the image forming apparatus according to the present invention, in the first or second aspect, the program is provided to the processor.
(D) sending a job log to the management server via the communication interface at the end of the job;
(E) When the confirmation information indicating that the job log has been received from the management server cannot be received, the job log is also stored in the storage unit;
In the process (c), if the job log stored in the process (e) exists, the job log is transmitted to the management server together with the unauthenticated authentication information.

In a fourth aspect of the image forming apparatus according to the present invention, in the third aspect, the program is provided to the processor.
In the process (b), a temporary session ID and a job ID are assigned and stored together with the unauthenticated authenticated information in the storage means.
In the process (c), the temporary session ID and job ID are transmitted to the management server together with the unauthenticated authentication information,
In the process (d), the temporary session ID and job ID are included in the corresponding job log.

According to a fifth aspect of the image forming apparatus of the present invention, in any one of the first to fourth aspects, the program is provided to the processor.
(F) When the authentication result for the unauthenticated information transmitted in the process (c) is received from the management server, if the authentication result indicates an authentication failure, the job corresponding to the authentication result is completed. This job is stopped when a negative determination is made.

  In a sixth aspect of the image forming apparatus according to the present invention, in any one of the first to fifth aspects, the predetermined time of the process (c) includes the time of the authentication request of the process (a).

In a seventh aspect of the image forming apparatus according to the present invention, in any one of the first to sixth aspects, the timer further interrupts the processor every predetermined time when the interrupt mask is reset to the processor, The program is for the processor
In step (b), the interrupt mask is further reset,
Set the interrupt mask after transmission of process (c),
The predetermined time of the process (c) is the interrupt time.

In the first aspect of the image forming system according to the present invention, any one of the first to seventh aspects of the image forming apparatus is coupled to a plurality of networks, and a management server is further coupled to the network.
The management server includes storage means in which an administrator's e-mail address is registered, authenticates the unauthenticated authentication information received from the image forming apparatus, and transmits an authentication result to the image forming apparatus.

  In a second aspect of the image forming system according to the present invention, in the first aspect, when the management server further fails to authenticate the unauthenticated authenticated information, information indicating the failure and the unauthenticated authenticated information An e-mail including the above is transmitted to the administrator.

  In a third aspect of the image forming system according to the present invention, in the second aspect, the management server further receives a job log from the image forming apparatus when authentication for the unauthenticated authentication information fails. If the job log is received and the information indicating the above is included in the e-mail.

In a fourth aspect of the image forming system according to the present invention, in any one of the first to third aspects, the management server further includes:
We manage whether the cumulative usage quantity does not exceed the limit usage quantity for each user ID,
If authentication with respect to the unauthenticated authentication information is successful, if the job log is received from the image forming apparatus, the usage quantity included in the job log is used as the cumulative usage quantity of the user ID corresponding to the job log. If the result exceeds the corresponding limit usage quantity, information indicating that is also included in the e-mail.

  According to the configuration of the first aspect, even if the image forming apparatus does not have authentication information for all users and the management server cannot be temporarily authenticated for some reason, it is considered that the authentication has succeeded. Since the job is received and the post-authentication is performed with respect to the management server, the image forming apparatus can be used even in such a case, and the illegal use of the image forming apparatus can be prevented or suppressed.

  According to the structure of the said 2nd aspect, there exists an effect that the login trial date can be managed regarding unauthenticated to-be-authenticated information.

  According to the structure of the said 3rd aspect, there exists an effect that a job log can be processed appropriately combining unauthenticated to-be-authenticated information.

  According to the configuration of the fourth aspect, even if one user executes a plurality of jobs by temporary login, the session ID and job ID originally assigned on the management server side are temporarily assigned on the image forming apparatus side. In addition, this is combined with unauthenticated information to be authenticated, and the corresponding job log includes these session IDs and job IDs, so it is possible to manage these multiple job logs appropriately on the management server after post-authentication. Has the effect of becoming.

  According to the configuration of the fifth aspect, since the post-authentication result indicates an authentication failure and the job is stopped if the job is not started or is being executed, unauthorized use can be quickly stopped and There is an effect that a preventive effect can be expected.

  According to the structure of the said 6th aspect, there exists an effect that a post-authentication can be tried also at the time of the next authentication request | requirement.

  According to the configuration of the seventh aspect, regardless of whether or not the next authentication request is present, if there is unauthenticated information, the post-authentication can be periodically tried until the post-authentication is completed, and unauthorized use can be promptly performed. There is an effect that it can be stopped and its preventive effect can be expected.

  According to the configuration of the eighth aspect, even if the image forming apparatus does not have authentication information for all users and the management server cannot be temporarily authenticated for some reason, it is considered that the authentication has succeeded. Since the job is received and the post-authentication is performed with respect to the management server, the image forming apparatus can be used even in such a case, and the illegal use of the image forming apparatus can be prevented or suppressed.

  According to the configuration of the ninth aspect described above, when post-authentication fails, an e-mail including information indicating the failure and the unauthenticated authenticated information is automatically transmitted to the administrator. There is an effect that unauthorized use of the image forming apparatus can be prevented or suppressed.

  According to the configuration of the tenth aspect, when post-authentication fails, whether or not a job log is received and its contents are also included in the e-mail, so that the unauthorized use of the image forming apparatus can be prevented or suppressed more effectively. There is an effect that becomes possible.

  According to the configuration of the eleventh aspect, even if the post-authentication is successful, if the cumulative use quantity exceeds the limit use quantity, the information is also included in the e-mail, so that the image formation can be performed more effectively. There is an effect that unauthorized use of the apparatus can be prevented or suppressed.

  Other objects, configurations and effects of the present invention will become apparent from the following description.

  FIG. 6 is a schematic block diagram of the image forming system according to Embodiment 1 of the present invention.

  .., 10m, n clients 201, 202,..., 20n, the print server 30, and the management server 31 are each a LAN (local area network) as a node. ) 33. Each of the image forming apparatuses 101 to 10m is a multifunction machine, a printer, a facsimile, or the like.

  The print server 30 includes an OS (operating system) for realizing the functions, a server program, and an application program in its storage device. The OS includes printer drivers corresponding to the image forming apparatuses 101 to 10m. And a network interface driver that communicates with each of the clients 201, 202,..., 20n and with each of the image forming apparatuses 101 to 10m, for example, using the LPR protocol. . FIG. 6 shows the case where there is one print server 30, but one print server is provided for each group of image forming apparatuses that can replace each other, and a ready state is arbitrarily selected in the group. It may be a possible configuration.

  FIG. 7 is a schematic block diagram illustrating a hardware configuration when the image forming apparatus 101 is a multifunction peripheral.

  In this image forming apparatus 101, the MPU 11 is connected to the PROM 13, DRAM 14, operation panel 15, printer 16, scanner 17, network interface 18, FAX modem 19, USB port 20, IC card reader / writer 21 and timer 22 via the interface 12. Is bound to. In FIG. 7, a plurality of interfaces are shown as one block 12 for simplicity.

  The PROM 13 is, for example, a flash memory, and stores an operating system (OS), various programs that operate on the upper layer of the OS, various setting values, and a management table described later. The various programs are for causing the image forming apparatus 10 to function as a multifunction peripheral. This function includes an image forming function including copy, scan, print, facsimile transmission / reception and e-mail transmission / reception, authentication function, job log creation / There is a communication function. This authentication function is not used when the image forming apparatus 101 is used in an image forming system. The PROM 13 also temporarily stores a job log, and can cope with this even if the power supply is cut off accidentally. The DRAM 14 is used for a work area, and is used for developing a bitmap of drawing data.

  The operation panel 15 includes a display unit and a key input unit, and is used for inputting setting information or instructions to display a selection screen, a setting screen, or the like.

  The printer 16 includes a print engine, a toner cartridge, a fixing device, a paper feed unit, a transport unit, and a paper discharge unit. An electrostatic latent image is formed on the photosensitive drum of the print engine based on bitmap data supplied as print data. An image is formed, developed with toner, transferred to a sheet, fixed, and then discharged. The printer 16 may further include a post-processing device.

  The scanner 17 is for image input in copying and facsimile transmission. The FAX modem 19 is for facsimile transmission / reception. The network interface 18 is coupled to the LAN 33, and the FAX modem 19 is coupled to a public line network (not shown).

  The IC card reader / writer 21 sends and receives signals via radio waves to and from the IC card 23 existing within a predetermined range based on a command from the MPU 11 according to the program, reads the user ID and password information, These are output as authentication information for the image forming apparatus 10. This output is read by the MPU 11.

  The timer 22 is for detecting the current time and for interrupting the MPU 11.

  The USB memory 24 coupled to the port 20 includes, for example, a flash memory chip, and is for storing a file to be printed.

  Here, in the image forming system of FIG. 6, the management server 31 limits the cumulative number of pages for each user ID. The image forming apparatus 101 used in this system is configured to perform department management when used alone. Therefore, the image forming apparatus 101 stores a department management program, a user table used for the department management program, and a department management table in the PROM 13.

  FIG. 3 is an explanatory diagram of a management table stored in the PROM 13, (A) is an explanatory diagram of the user table 35, and (B) is an explanatory diagram of the department management table 36.

  The user table 35 includes fields for a user ID, a password, a user name, a department ID, and an authority type.

  The department management table 36 includes fields such as a department ID, a password, a restricted page number, and a cumulative page number. The number of pages is the number of image formation pages, the number of pages printed on paper in the case of copying or printing, the number of pages of image data formation in the case of image scanning, and the number of transmission pages in the case of facsimile transmission.

  The limited page number differs depending on whether the job type is printing (copying and printing), image scanning, or facsimile transmission. In the case of printing, a limited page number is set for each of monochrome, color, and the total of these. The cumulative number of pages includes a cumulative number of pages and a job execution prohibition flag field corresponding to each of these limited pages. The job execution prohibition flag may be the most significant bit of the cumulative number of pages.

  In the initialization process when the image forming apparatus 101 is turned on, user information of one pseudo user having general user authority is registered in the user table 35, and the pseudo department to which this pseudo user belongs is registered in the department management table 36. Department management information is registered. The pseudo user and the pseudo department may be included in a specific record, and may be an actual user and department.

  FIG. 8 is a schematic block diagram showing the hardware configuration of the management server 31.

  This configuration is a normal computer system. In the management server 31, the MPU 41 is coupled to the PROM 43, DRAM 44, hard disk drive 45, interactive input device 46, display device 47, and network interface 48 via the interface 42. In FIG. 8, the interface 42 is described as one block for the sake of simplicity.

  The PROM 43 stores BIOS and setting values related thereto. The DRAM 44 is used as a main storage device in a virtual storage system.

  The hard disk drive 45 stores a program and data for causing the apparatus 31 to function as a management server, and further stores a job log received from the image forming apparatus 101.

  This program includes a server OS or a combination of a general-purpose OS and a server program, and an application that performs authentication, billing management, and the number of pages used. The application for performing the accounting management includes a later-described accounting information compression program in the job log, and the application for limiting the number of used pages includes a program for accumulating the number of used pages of the user ID every time the job log is received. .

  The data includes a user table 34 in which a user ID, a password, a restricted page number, a cumulative page number, and the like are associated with each other as shown in FIG. The limited number of pages differs depending on the job type as in the department management table 36 of FIG. Similarly to the department management table 36, the cumulative page number has fields of a cumulative page number and a job execution prohibition flag corresponding to each of these limited page numbers.

FIG. 4 is a sequence diagram in a case where the client 201 causes the image forming apparatus 101 to perform a print job using the system of FIG . In below, it will be omitted encryption and decryption of data. In addition, the processing identification codes in FIG. 4 or 5 are shown in parentheses.

  (C0) A user activates an application program on the client 201 to create a document, selects a print menu and activates an OS print manager, thereby displaying a print dialog and setting job information. This job information includes page size, monochrome / color, 4in1 and other layout information such as single-sided / double-sided printing, and the number of copies, paper type such as plain paper or recycled paper, and finishing such as post-processing such as staple or punch. Contains information.

  (C1) When the user presses an OK button on the print dialog, the document data in the application is converted into an apparatus-independent EMF (extended metafile) by an operating system, for example, GDI (graphic device interface) of Windows (registered trademark). And the job information is added thereto.

  (C2) Next, the network interface driver residing in the memory is triggered to pop up a user authentication dialog, and the user inputs the user ID and password as authentication information.

  (C3) When the user presses the OK button on the authentication dialog, the user authentication information is added to the job information, and the EMF file to which the job information is added is printed via the network interface 18 as device-independent print job data. It is transmitted to the server 30.

  (C4) The print server 30 extracts the user ID and password included in the job information of the received device-independent print job data, and transmits them to the management server 31 together with the job type (print).

  (C5) In response to this, the management server 31 searches the user table 34 using this user ID as a key, and determines whether or not the password included in the hit record matches the received password. When the management server 31 determines a match, the management server 31 reads the values of the total, monochrome, and color job prohibition flags Ft, Fm, and Fc included in the record. The initial value of the job prohibition flag is “0” (permitted), and the process of setting it to “1” (prohibited) will be described later.

  (C6) The management server 31 determines (authenticates) that they match, and if Ft = '0' and neither Fm nor Fc is '1' (if authorized), determines the job ID, Session IDs corresponding to the processes from login to logout are determined, and these are sent to the print server 30 together with the results of authentication and authorization, the cumulative number of pages and the number of restricted pages, and if not, the result of authentication and authorization is sent. Send to the print server 30.

(C7) The print server 30, the result of the authentication authorization, and transmits to the image forming apparatus 101 as a response to C 3.

  (C8) If the authentication is successful, the print server 30 associates the job ID with the user ID and places it in the job queue.

  (C9) The print server 30 retrieves the job ID from the job queue by FIFO, and inquires whether the job can be accepted to one or a plurality of image forming apparatuses corresponding to the job ID.

  (C10) When the print server 30 obtains an acceptable response, the EMF file and the job information included in the device-dependent print job data of this job ID are respectively described in device-dependent PDL (page description language). And the device-dependent PJL (print job language), and the above-mentioned session ID and job ID are added to the converted job information, and these are combined to form device-dependent print job data.

  (C11) The print server 30 transmits the device-dependent print job data to the corresponding image forming apparatus, in this embodiment, the image forming apparatus 101.

  (C12) The image forming apparatus 101 puts this job in a queue and puts it in a waiting state. When this job enters the ready state, it starts executing the image forming process, and creates a job log while executing the job as will be described later. At the same time, the cumulative page number limit management is performed.

  (C13) When the job is completed, the image forming apparatus 101 transmits a job log to the print server 30.

  (C14) The print server 30 transmits this job log to the management server 31.

  (C15) The management server 31 transmits confirmation information indicating that the job log has been received to the print server 30.

  The management server 31 determines and fills in a billing ID (BillingID) for the received job log, and uses the total, monochrome, and color pages for this job based on the billing information of this job log. The number is added to the corresponding accumulated page number in the user table 34. Further, the management server 31 compares each of these accumulated page numbers with the corresponding restricted page number, and if the accumulated page number exceeds the restricted page number, the job prohibition flag is rewritten to “1”.

  FIG. 5 is a sequence diagram when the operation panel 15 of the image forming apparatus 101 is operated to cause the image forming apparatus 101 to perform a copy job, a facsimile transmission job, or a print job of a file in the USB memory.

  (C20) When the user presses the start key to place the image forming apparatus 101 in a ready state, a user authentication screen is popped up on the operation panel 15. The user operates the operation panel 15 and inputs a user ID and a password. Instead of this input, the IC card 23 may be brought close to the IC card reader / writer 21 to automatically input them.

  (C21) The image forming apparatus 101 transmits the user ID and password to the management server 31.

  (C22) The management server 31 performs user authentication as described above, and further determines a session ID when the authentication is successful.

  (C23) When the authentication is successful, the management server 31 transmits the session ID together with the authentication result to the image forming apparatus 101. When the authentication is not successful, the management server 31 transmits the authentication result to the image forming apparatus 101.

  (C24) If the authentication is successful, the image forming apparatus 101 allows the user to accept a service request. The user selects a job type, makes necessary settings, and then presses a start key to instruct job start.

  (C25) In response to this, the image forming apparatus 101 transmits the selected job type to the management server 31 together with the session ID.

  (C26, C27) In response to this, the management server 31 determines a job ID for this job, searches the user table 34 of FIG. 2 using this user ID as a key, and sets the limit page number corresponding to this job. The cumulative page number and job prohibition flag are read out, and the job ID, restricted page number, cumulative page number, and job prohibition flag are transmitted to the image forming apparatus 101 together with the user ID.

  (C28) In response to this, the image forming apparatus 101 starts the job processing shown in FIG.

  Steps S1 to SA in FIG. 1A are processing of the department management program. Each time one page is printed, a job log for this page is created, and the accumulated page number of the department ID to which the user belongs is the department ID. The limit number of pages set in is not exceeded.

  In the first embodiment, the department management program is effectively used as a user management program by adding the process of step S0 to the department management program. Hereinafter, the parenthesized characters are step identification codes in FIG.

  (S0) The image forming apparatus 101 overwrites the user name of the record No = 2 in the user table 35 with the user ID for the management server 31 as preprocessing specific to the present plan, and records No = 1 in the department management table 36. Of the limited page number, the cumulative page number, and the job prohibition flag (record including the department code of the record of No = 2 in the user table 35), the one corresponding to this job type is rewritten with the one received from the management server 31. . For example, when the job type is copy, the total, monochrome and color limited page numbers, the cumulative page number corresponding to each, and the job prohibition flag are rewritten.

  (S1) Next, the job execution is enabled by automatically logging in to the image forming apparatus 101 internally using the user ID and password of the record No = 2 in the user table 35.

  If job execution is enabled by jumping on a program without performing this automatic login, disassembling and tracing can be modified without requiring authentication, which is not preferable.

  In C22, the setting allows the user to log in using only the user ID without using a password, but the setting is such that the user cannot log in locally to the image forming apparatus 101 using only the user ID. This is to prevent unauthorized use of the management image forming apparatus 101 by separating the image forming apparatus 101 from the management server 31 in such a system.

As described above, the user name of the record No = 2 in the user table 35 is overwritten with the user ID input to the image forming apparatus 101 for authentication in the management server 31. As for the password, a set of already registered passwords can be reused regardless of the user, and the user can be identified by the rewritten user ID .

(S2) common job log information to each page, to fill in the job log file 32 shown in FIG. 1 (B). The common information includes a job ID, a session ID, a user ID, and a job type (copy, print, facsimile, etc.) obtained from the received job data.

  (S3) Referring to the timer 22, the job start date and time StartTime, which is information on the entire job, is entered in the job log file 32.

  (S4) For example, in the case of copying, the monochrome / color type set on the operation panel 15 is read, the corresponding limited page number is compared with the cumulative page number, and the total limited page number and cumulative page number are compared. The number of pages is compared, and if both are within the limit number of pages, the process proceeds to step S5, and if not, the process proceeds to step S9.

  (S5) The laser diode is modulated by the scanned document image data, and the electrostatic beam is formed by scanning the charged photosensitive drum with the laser beam to partially remove the charge. The image is developed with toner, the toner image is transferred onto a sheet, the image is fixed on the sheet with a fixing device, and the sheet is discharged onto a tray.

  (S6) The accounting information for one page is entered in the job log file. For example, as shown in FIG. 1B, the billing information includes the page count PageCount, a color flag ('1' for color, '0' for monochrome), and a double-sided print flag (for double-sided printing). Is “1”, “0” for single-sided printing), page size (A3, A4, B4, B5, letter, leisure, legal, etc.) and media type (plain paper, recycled paper, glossy paper, etc.) Includes one or more information blocks BLK. For the first page, one information block BLK in which all of these are entered is created and its PageCount is set to 1. For the second and subsequent pages, if an information block with the same number other than the number of pages already exists, the PageCount of that information block is incremented by 1, and if not, a new information block is created.

  (S7) The corresponding cumulative page number in the department management table 36 is incremented by one. For example, if the job type is copy and monochrome, the total and monochrome cumulative page counts are each incremented by one.

(S8) If printing has not been completed for all pages, the process returns to step S3, and if completed, the process proceeds to step SA.

  (S9) The corresponding job prohibition flag is set to ‘1’, the fact that the limit page count has been exceeded is displayed on the operation panel 15, the job is terminated, and the process proceeds to step SA.

  (SA) With reference to the timer 22, the job end time, which is information on the entire job, is entered in the job log file 32.

  (SB, C29 in FIG. 5) The job log file 32 thus created is transmitted from the network interface 18 to the network interface 48 of the management server 31 via the OS driver.

  (C30) The management server 31 transmits confirmation information indicating that the job log has been received to the image forming apparatus 101.

The management server 31 determines and fills in the Billing ID for the received job log, and based on the billing information of this job log, the number of pages used in this job (total, monochrome and The number of used pages of each color) is added to the corresponding accumulated number of pages in the user table 34. Further, the management server 31 compares each of these accumulated page numbers with the corresponding limited page number, and rewrites the job prohibition flag to “1” if the accumulated page number exceeds the limited page number.

  According to the first embodiment, the user name of a specific record on the user table 35 is rewritten with the user ID input to the image forming apparatus 101 for authentication at the management server 31, and the department name on the department management table 36 is changed. As the user of the specific record, the limited page number and the cumulative page number of the record whose ID matches the department ID included in the specific record are rewritten with the limited page number and the cumulative page number received from the management server 31, respectively. Jobs can be executed by automatically logging in locally, and the department management program can be effectively used as a user management program with a simple configuration of impersonating the user with the user ID for the management server as the user with the local user ID. The software of the image forming apparatus 101 that uses one of the two management programs according to the usage mode. It is possible to simplify the A structure, an effect of reducing the product cost.

  Information related to printing charges includes color, whether or not double-sided printing, page size, and paper type. Depending on the job, color printing and monochrome printing are mixed, double-sided printing and single-sided printing are mixed, or different sizes and types of paper are mixed. In such a case, each time one page is printed, a new information block BLK must be created when the billing information is different from any of the plurality of already created information blocks BLK, so the processing is complicated. Become.

  On the other hand, in FIG. 6, in the image forming apparatuses 101 to 10m, there are cases where jobs are concentrated and are in a waiting state. On the other hand, the processing in the management server 31 is relatively simple, and billing management may be performed during idle time.

  Therefore, it is preferable for the entire system to collect pages having the same billing information on the management server 31 side, rather than collecting them on each image forming apparatus.

  Therefore, in the second embodiment, every time one page is printed on the image forming apparatus 101 side, the charging information is added to the job log XML file 320 as shown in FIG. The 0 in the last line in FIG. 10 is a code indicating the end of the file.

  FIG. 9 is a partial flowchart showing a procedure for creating one page of billing information according to the second embodiment of the present invention, which is used in place of step S6 in FIG.

  (S50) The start tag <PageInfo> of the page billing information PageInfo is added to the job log XML file 320.

  (S51) The charging information on this page is added to the job log XML file 320. The page billing information is the same as that obtained by removing PageCount from the information block BLK in FIG. 1B, and includes a color flag, a duplex printing flag, a page size, and a media type.

  (S52) The page billing information PageInfo end tag </ PageInfo> is added to the job log XML file 320.

  According to such a configuration, in one job, color printing and monochrome printing are mixed, double-sided printing and single-sided printing are mixed, or different sizes and types of paper are mixed. Even if these are combined in a complicated manner, it is only necessary to add the charging information JobInfo of this page to the job log job log XML file 320 every time one page of the job is printed. The creation process is simplified, processing delay can be prevented, and the device manufacturing cost can be reduced.

  The management server 31 adds an item of page count PageCount to the received job log XML file after the start tag of each page billing information PageInfo as shown in FIG. Is a job log XML file 320A. Note that this item may be added on the image forming apparatus 101 side.

  FIG. 12 is a flowchart showing the accounting information compression processing in the job log by the management server 31.

  (S10) The first address of the first page billing information PageInfo is substituted into the variable X, and the address of the second page billing information PageInfo is substituted into the variable Y.

  (S11) If [X] = [Y], the process proceeds to step S12; otherwise, the process proceeds to step S14. Here, [X] means the billing information excluding the page count in the page billing information PageInfo whose head address is X.

  (S12) The page billing information PageInfo with the top address Y is deleted.

  (S13) The page count PageCount having the head address X is incremented by one.

  By performing such processing once, for example, if the contents of the page billing information PageInfo51 excluding the page count PageCount and the page billing information PageInfo52 are the same, the page billing information PageInfo52 is deleted and the page count of the page billing information PageInfo51 is counted. PageCount is set to 2.

  (S14) The start address of the next page billing information PageInfo is substituted into the variable Y.

  (S15) If the next page billing information PageInfo does not exist in step S14, the process proceeds to step S16; otherwise, the process returns to step S11.

  (S16) The start address of the next page billing information PageInfo is substituted into the variable X.

  (S17) If the next page billing information PageInfo does not exist in step S16, the compression processing of FIG. 12 is terminated, otherwise the process returns to step S11.

  By such processing, page billing information for all pages in the job log XML file is compressed.

  The management server 31 calculates the billing value BillingValue of this job based on the billing information of this job log XML file and the billing unit price information stored in the hard disk drive 45, and enters the result in the job log XML file. Thus, the job log XML file 320B as shown in FIG. 13 is completed.

  The other points are the same as in the first embodiment.

  According to the second embodiment, the management server 31 adds a page count item to the accounting information PageInfo for each page regarding the received job log job log XML file 320, and the accounting information for each page other than the page count is added. Since the same k pages are combined into one and the page count is set to k, it is not necessary to perform such data compression processing on each image forming apparatus side, and the entire image forming system prevents processing delay. In addition, the system configuration cost can be reduced.

  Furthermore, if the page count item is simply added to the accounting information for each page on the image forming apparatus side, the processing at the accounting server is further simplified.

  When the management server 31 or the image forming apparatus is down due to a power failure, a program runaway or the like, or the management server 31 cannot receive a job log due to a problem on a wired or wireless communication path, that is, in C30 of FIG. When job log reception confirmation information cannot be obtained on the image forming apparatus side, conventionally, job log transmission has been repeated from the image forming apparatus side to the management server 31 side until this confirmation information is obtained. However, if this state continues for a long time, the image forming apparatus 101 cannot execute the next job.

  Therefore, in the third embodiment, when the confirmation information is not obtained within a predetermined time after the image forming apparatus 101 transmits the job log to the management server 31, the job log is temporarily stored in the PROM 13. When the next job is completed, the unsent job log stored temporarily is transmitted to the management server 31 together with the job log.

  FIG. 14 is a flowchart showing details of the processes of C29 and C30 in FIG. In the following, the step identification codes in FIG. 14 are shown in parentheses.

  (S20) As shown in FIG. 15, it is checked whether or not an unsent job log is stored in the buffer area 130 in the PROM 13, and if an affirmative determination is made, the process proceeds to step S21; otherwise, the process proceeds to step S22. move on.

  (S 21) The job log XML file temporarily stored in the buffer area 130 is transmitted to the management server 31.

  (S22) The current job log XML file 320 is transmitted to the management server 31.

  (S23) After job log transmission is completed, if job log reception confirmation information is obtained from the management server 31 within a predetermined time, the process proceeds to step S24. Otherwise, the process proceeds to step S25.

  (S24) The current job log XML file 320 and the job log in the buffer area 130 are deleted, and the processing of FIG.

  (S25) The job log XML file 320 is added to the buffer area 130, and the processing in FIG.

  Other processes are the same as those in the first or second embodiment.

  According to the third embodiment, when the management server 31 is down or the management server 31 cannot receive the job log due to a wired or wireless connection failure, the image forming apparatus holds the job log in the storage device. In addition, when the job log of the next job is transmitted, the held untransmitted job log is also transmitted to the management server 31, so that the image forming apparatus can move to the next processing and charge management by the management server 31. There is an effect that can be performed.

  Note that the same processing as described above can be applied to the processing of C14 and C15 in FIG.

  FIG. 16 is a flowchart corresponding to FIG. 14 according to the fourth embodiment of the present invention.

In this flow chart, in place of the processing of steps S20~S22 in FIG. 14, steps S20A and S2 1A are performed, also the processing of step S25 in FIG. 14 is omitted.

  As shown in FIG. 17, when there are unsent job logs in the buffer area 130, nodes 320N to 322N corresponding to these are serially linked to the pointer part of the head node 320H, and unsent job log XML files 320 to 322 are linked. Are pointed at corresponding data portions of the nodes 320N to 322N, respectively, to create a combined list. The data part may be a file name, or a structure variable may be constituted by the pointer part and the contents of the unsent job log XML file as the data part. When there is no unsent job log, 0 is stored in the pointer part of the head node 320H, and a NULL (no reference) combined list is created.

  In step S20A, the job log XML file 320 is further linked to this combined list (or to the head node 320H).

Therefore, in step S21A, may be transmitted to the management server 31 reads the content from the buffer area 130 of Joburo grayed. If a negative determination is made in step S23, the process of step S25 as shown in FIG. 16 is not necessary. If a positive determination is made, the combined list is deleted in step S24, and the head node 320H is set to 0. Is stored.

  Other points are the same as those of the third embodiment.

  According to the fourth embodiment, the unsent job log and the job log of the job that has just been completed are serially linked, and all the linked job logs are transmitted to the management server 31, so that the management server 31 forms an image. Regardless of whether or not the job log from the apparatus can be received, it is only necessary to perform a unified process, and the process is simple.

  When the management server 31 cannot perform user authentication due to power interruption, program runaway, or communication path failure, the user cannot use the image forming apparatuses 101 to 10m.

  On the other hand, when an arbitrary image forming apparatus can be selectively used by a large number of users, if the image forming apparatus does not include an external storage device and the memory capacity is small, as shown in FIG. The user table 34 may not be stored in this memory. Even if it can be stored, since one user can use a plurality of image forming apparatuses, the cumulative number of pages cannot be centrally managed.

  However, it is generally considered that the probability that the management server 31 cannot be used is very small.

  Therefore, in the fifth embodiment, when the management server 31 cannot perform user authentication, the image forming apparatus 101 can be used by assuming that user authentication has been performed, and then the management server 31 can be used. In such a case, the following appropriate processing is performed in order to promptly perform post-authentication and prevent or suppress unauthorized use.

FIG. 20 shows the authenticated information stored in the buffer area 130 of the PROM 13 in the same manner as in FIG. 17 when the management server 31 cannot authenticate. FIG. 20 shows a case where the structure variable 321C and the structure variable 320C are serially linked to the head node 320HA.

Each of the structure variables 320C and 321C has a link part and a data part. The data part includes a temporary job ID, a temporary session ID, a user ID, a password, and a date and time (LIDateTime) at which login is attempted. The original job ID and session ID are assigned on the management server 31 side, but cannot be assigned on the management server 31 side. Therefore, the job ID and session ID are temporarily assigned on the image forming apparatus 101 side, and the corresponding job log has the same value. Are assigned with a temporary job ID and a session ID. The date and time when the login is attempted is for allowing the administrator to check the date and time on the management server 31 side. The initial value of the temporary job ID and the session ID are NUL, the value in the image forming apparatus 101 side is given only about these if it is unable to authenticate the management server 31. For example, if the session ID is not NUL, the management server 31 can determine that post-authentication processing is necessary. In order to prevent the temporary job ID and the session ID from overlapping between the image forming apparatuses 101 to 10 m, the temporary job ID and the session ID include an image forming apparatus identification code as a part thereof.

  FIG. 18 is a flowchart illustrating login processing in the image forming apparatus 101.

  (S30) The user inputs the user ID and password by operating the operation panel 15 or bringing the IC card 23 closer to the IC card reader / writer 21.

  (S31) The current date and time is read from the timer 22.

  (S32) A new structure variable (instance) 320C is added to the authentication information list in the buffer area 130 shown in FIG. 20, and the user ID and password, and the login attempt date and time are written therein.

(S40) The following processes (steps S41 to S53) shown in FIG. 19 are executed. .
(S41) The image forming apparatus 101 performs processing for establishing a TCP / IP connection with the management server 31.

  (S42) If this connection is established, the process proceeds to step S43; otherwise, the process proceeds to step S52.

(S43) and transmits the content of the content and Joburo grayed authentication information list in the buffer area 130 to the management server 31.

  (S44) If all the authentication results are obtained within a predetermined time after transmission, the process proceeds to step S45. If one authentication result is not obtained, the process proceeds to step S52. It is not considered that only a part of the authentication result can be obtained.

  (S45) All the structure variables linked to the head node 320HA in the buffer area 130 are deleted.

  (S46) A timer interrupt mask, which will be described later, is set, and generation of a timer interrupt event is invalidated.

(S47) If all the authentication results indicate success, the processing in FIG. 19 is terminated. As a result, the process proceeds to a process (not shown) below step S40 in FIG. 18, the operation panel 15 is operated to set job information such as job type and paper size, and the start key can be pressed. If even one authentication result indicates failure, the process proceeds to step S48. In the processing (not shown), when the job log is completed, the job log is transmitted to the management server 31 via the network interface 18, and confirmation information indicating that the job log has been received from the management server 31 cannot be received. The job log is saved for transmission together with the authentication information list in step S43. In addition, the job log is assigned the same temporary job ID and session ID as the corresponding authentication information list.

  (S48) For a job with a user ID whose authentication result indicates failure, if the job start key is not pressed, the process proceeds to step S49, and if the job is started, the process proceeds to step S50. If there are a plurality of such jobs, for example, such processing is executed for the one job in the order of the login trial date and time LIDateTime, and the same processing is executed for the next job after completion. FIG. 19 shows such processing in a simplified manner.

  (S49) Display on the operation panel 15 to re-enter the user ID and password, and return to step S30 in FIG.

  (S50) For a job with a user ID whose authentication result indicates failure, if the job is being executed, the process proceeds to step S51, and if not, the process of step S40 in FIG. 18 is terminated.

  (S51) The fact that the job being executed is to be stopped because authentication has failed is displayed on the operation panel 15, and the process proceeds to step S49.

  As a result of such processing, when the management server 31 becomes able to authenticate, post-authentication is promptly performed, and in the case of authentication failure, a process for entering the user ID and password is performed even during job execution. Because it will return, unauthorized use is minimized.

  (S52) The temporary job ID and session ID described above are determined and entered in the structure variable 320C added in step S32.

  (S53) The timer interrupt mask is reset and the generation of the timer interrupt event is validated.

  This enables the MPU 11 to be interrupted at a preset time interval in the register in the timer 22, and the processing shown in FIG. 19 is started by this timer interrupt.

This process is for promptly transmitting unauthenticated authenticated information held in the buffer area 130 to the management server 31.

  FIG. 21 is a flowchart showing a post-authentication process when the management server 31 receives unauthenticated authentication information in response to the process of step S23 of FIG.

  (S60) If the same job log as the set of temporary job ID and temporary session ID values included in the authentication information has been received, the process proceeds to step S61; otherwise, the process proceeds to step S62.

  (S61) The job log is compressed by performing the process of FIG. 12, and the above-described charging process is performed from this and unit price information. Further, as described above, whether or not the accumulated page number exceeds the corresponding limited page number. If a positive determination is made, a job execution prohibition flag is set.

  (S62) The above-described authentication processing is performed afterwards on unauthenticated information to be authenticated, and the result is returned to the image forming apparatus 101 that is the transmission source. In response to this, the image forming apparatus 101 performs the process of step S44 in FIG.

  (S63) If the authentication is successful, the process proceeds to step S64; otherwise, the process proceeds to step S68. To be exact, when there are a plurality of authentication results, for example, such processing is executed for the one authentication result in order from the newest login attempt date and time LIDateTime, and the same processing is performed for the next authentication result after completion. FIG. 21 shows such processing in a simplified manner.

  (S64) If there is a job log corresponding to this authentication information, the process proceeds to step S65; otherwise, the post-authentication process in FIG. 21 is terminated.

  (S65) If the above-described job execution prohibition flag is “1”, the process proceeds to step S66; otherwise, the post-authentication process in FIG. 21 is terminated.

  (S66) Although it is a regular user, the fact that the cumulative number of pages has exceeded the limit number of pages for post-authentication and the login trial date and time and device ID (or a table not shown) included in the unauthenticated authenticated information This is converted into a device name) and an electronic mail including the contents of the log is created.

  (S67) The created e-mail is automatically transmitted to a preset administrator, and the process of FIG. 21 is terminated.

(S68) If Re job log is closed corresponding to the authentication information the process proceeds to step S69, the process proceeds to step S70 otherwise.

   (S69) Create an e-mail including the fact that the unauthorized user has already executed the job for post-authentication, the login attempt date and time included in the unauthenticated authenticated information, the device ID, and the contents of the job log, step S67 Proceed to

  (S70) For post-authentication, an e-mail including the fact that the unauthorized user is currently executing the job and the login attempt date and device ID included in the unauthenticated authenticated information is created, and the process proceeds to step S67.

  As a result of such processing, the management server 31 promptly performs processing according to the post-authentication result, the presence / absence of the job log, and whether or not the cumulative page count exceeds the limit page count. In this case, even if the use of the image forming apparatus 101 is permitted, the effect of preventing or suppressing unauthorized use can be obtained, and the management server 31 can manage it centrally with almost no problem.

  The preferred embodiments of the present invention have been described above. However, the present invention includes various modifications, and other combinations of the components described in the above-described embodiments, and the functions of the components. Other configurations that use other configurations, and other configurations that would be conceived by those skilled in the art from these configurations or functions are also included in the present invention. For example, the present invention includes the following modifications.

  (1) The job log may be in a format other than XML, and only one of the header (for example, start tag) and footer (for example, end tag) indicating a delimiter of page billing information may be included.

  (2) Before transmitting the job log, it is determined whether or not the job log can be transmitted based on whether or not confirmation information can be received from the management server 31 by transmitting, for example, only the header from the image forming apparatus to the management server 31. It may be configured to.

  (3) A configuration in which the management server 31 is separated into an authentication server and a billing server, a configuration in which the authentication server is incorporated in the image forming apparatus, and the print server 30 and the management server 31 are integrated. This scheme can also be applied to other configurations.

  (4) The group ID may be a code for identifying a group other than the department, for example, a project team or a class.

  (5) Instead of using the job prohibition flag, the configuration may be such that the limit page number and the cumulative number are compared and the result is used.

  (6) In the above embodiment, the case where the limited use number and the cumulative use number are the limited page number and the cumulative page number, respectively, has been described. May be.

(A) is a flowchart showing processing related to a job log in the image forming apparatus according to the first embodiment of the present invention, and (B) is an explanatory diagram of step S6 of (A). It is explanatory drawing of the user table stored in the memory | storage device of a management server. It is explanatory drawing of the table stored in the memory | storage device of an image forming apparatus, (A) is a user table explanatory drawing, (B) is a department management table explanatory drawing. FIG. 7 is a sequence diagram in a case where a print job is performed from a client to an image forming apparatus using the system of FIG. 6. FIG. 10 is a sequence diagram in a case where a copy job, a facsimile transmission job, or a print job of a file in a USB memory is performed on the operation panel of the image forming apparatus. 1 is a schematic block diagram of an image forming system. FIG. 3 is a schematic block diagram illustrating a hardware configuration when the image forming apparatus is a multifunction peripheral. It is a schematic block diagram which shows the hardware constitutions of a management server. It is a partial flowchart corresponding to Step S6 of Drawing 1 concerning Example 2 of the present invention. FIG. 5 is an explanatory diagram of a job log described in XML. FIG. 11 is an explanatory diagram of a job log in which a page count item is added to each page information of FIG. 10. It is a flowchart which shows the accounting information compression process in a job log by a management server. FIG. 13 is an explanatory diagram of a billing information compressed job log processed according to the flowchart of FIG. 12. 10 is a flowchart illustrating job log transmission processing from the image forming apparatus to the management server according to the third exemplary embodiment of the present invention. It is a figure explaining the process in the flowchart of FIG. 15 is a flowchart corresponding to FIG. 14 according to a fourth embodiment of the present invention. It is a figure explaining the process in the flowchart of FIG. 10 is a flowchart illustrating login processing in an image forming apparatus according to Embodiment 5 of the present invention. FIG. 18 is a diagram illustrating authentication target information stored in the buffer area of the PROM of the image forming apparatus in the same manner as in FIG. 17 when authentication cannot be performed by the management server. 6 is a flowchart illustrating a timer interrupt process when there is an unauthenticated process to be authenticated on the image forming apparatus side. 20 is a flowchart showing post-authentication processing when the management server receives unauthenticated authenticated information in response to the processing in step S23 of FIG.

Explanation of symbols

11, 41 MPU
12, 42 Interface 13, 43 PROM
130 Buffer area 14, 44 DRAM
DESCRIPTION OF SYMBOLS 15 Operation panel 16 Printer 17 Scanner 18, 48 Network interface 19 FAX modem 20 Port 21 IC card reader / writer 22 Timer 23 IC card 24 USB memory 101-10m Image forming apparatus 201-20n Client 30 Print server 31 Management server 32 Job log File 320 to 323, 320A, 320B Job log XML file 320C, 321C Structure variable 320H, 320HA Head node 320N to 323N Node 33 LAN
34, 35 User table 36 Department management table 45 Hard disk drive 46 Interactive input device 47 Display device 51-5p Page billing information PageInfo

Claims (4)

An image forming apparatus including a processor, storage means for storing programs and data, input means, and a communication interface, and a management server having a user authentication function and registered with an administrator's e-mail address In an image forming system coupled to
The program is for the processor
(A) A list including authentication target information input via the input unit is transmitted to the management server via the communication interface to request authentication.
(B) If the authentication result cannot be received from the management server, the list is stored in the storage means, and the authentication is regarded as successful, and is selected by the user corresponding to the authentication target information related to the authentication. was job is accepted,
(C) causing the job log to be transmitted to the management server via the communication interface at the end of the job;
(D) When the confirmation information indicating that the job log has been received from the management server cannot be received, the job log is also stored in the storage unit;
(E) If the list exists in the storage unit, the list is transmitted to the management server at a predetermined time. At this time, if the job log exists in the storage unit, the list is simultaneously transmitted to the management server. ,
(F) When the authentication result for the list transmitted in the process (e) is received from the management server, if the authentication result indicates an authentication failure, the user selects the authentication information related to the authentication failure. to determine whether job is completed, when the negative determination, the job is stopped,
The management server authenticates the unauthenticated authentication information and transmits the result to the image forming apparatus. When the result indicates an authentication failure ,
If a job log corresponding to the unauthenticated authentication information has not been received, an e-mail containing information indicating that the unauthorized user is currently executing the job is created for post-authentication and the administrator Send to
When the job log has been received, an e-mail including the content that the unauthorized user has already executed the job for post-authentication is created and sent to the administrator.
An image forming system. It further includes a timer that outputs the current date and time,
The program is for the processor
In the process (a), the output of the timer is read as the login attempt date and time, and this is added to the list.
The image forming system according to claim 1. The program is for the processor
In the process (b), a temporary session ID and a job ID are assigned and added to the list.
In the process (d), the temporary session ID and job ID are included in the corresponding job log.
The image forming system according to claim 2. The management server further includes:
It manages whether the cumulative number of pages for image formation does not exceed the limit number of pages for each user ID,
If authentication with respect to the unauthenticated authentication information succeeds, if a job log is received from the image forming apparatus, the number of used pages included in the job log is set to the accumulated page of the user ID corresponding to the job log. If the result exceeds the corresponding limited number of pages, an e-mail containing the content that the cumulative number of pages has exceeded the limited number of pages for post-authentication will be created if it is a regular user. Send to the administrator,
The image forming system according to claim 1, wherein the image forming system is an image forming system.

Images