SmartSDK

Hello,

We are facing an issue when using the native Scan to Folder function.

We can create the user session with their directory without any problems. However, the user cannot provide the access credentials for the directory. The access credentials belong to an administrator account already configured on the printer.

The issue is that when selecting the directory in the scan function, it still prompts for credentials, even though they are already set up on the printer.

Is there any way to force the use of this printer configuration?
When used with custom authentication, is the printer configuration ignored?

Best regards,
Guilherme Santos

Hi support,

can I force the scan orientation to be portrait or landscape in Javascript code independently of the paper position in the feeder? 

Thank you,

Luís

Hi Team,
I am requesting a maintenance signature on our latest released plugin. Please find attached version 1.3.0 of our RF IDEAS Reader Plugin (zipped DALP & APK), along with the release notes for this build.

This version includes:

• Added support for BLE HWG update functionality for the rfIDEAS Reader.
• Enhanced response handling by returning response code and message.

We have internally tested the plugin updates on G2, G2.5, and G3 devices across multiple reader models.

Request for maintenance signature, bug fixes and other enhancements.

Print and Scan seems to be slow in most of the IM C's printers.  

I have attached the log file with you. 

Scan Issue:
Kindly find the below logs to see the difference of 1 min delay.

03-24 13:17:00.424 29876 29876 I UPConnector: service:ScanStMcn:#evtp :REQUEST_JOB_START state:IDLE > WAITING_JOB_START
03-24 13:18:08.682 29876 29876 I UPConnector: service:ScanStMcn:#evtp :CHANGE_JOB_STATE_PENDING state:WAITING_JOB_START > JOB_PENDING

Print Issue:
Kindly find the below logs to see the difference of 2 min delay.

03-24 13:09:39.305 29876 29876 I UPConnector: service:PrintStMcn:#evtp :CHANGE_JOB_STATE_PRE_PROCESS state:STATE_JOB_INITIAL > STATE_JOB_PRE_PROCESS
03-24 13:11:26.067 29876 29876 I UPConnector: service:PrintStMcn:#evtp :CHANGE_JOB_STATE_PRE_PENDING state:STATE_JOB_PRE_PROCESS > STATE_JOB_PRE_PENDING

Could you please help on this issue to understand why the process is getting delayed?

We currently have a Pro 8300 in our lab.  is there a difference in how the SDK interacts with this device (MFP Pro category) vs a device in the MFP category?  I have a vague recollection there are differences how devices in the MFP Pro vs MFP categories interact with the SDK.

We are looking to determine if this device is necessary in our lab.

Thanks!!!!

## Flaw ID: 1195
### Severity: MEDIUM
### CWE: 297 - Improper Validation of Certificate with Host Mismatch
### Repo: device-ricoh
### Sourcepath
jp/co/ricoh/ssdk/example/util/sslverificationskip/SSLConfig.java#31
### Description
In this call to !operator_newarray_initimp(), host-specific certificate data is not validated or is incorrectly validated. Failing to validate the certificate makes the SSL session susceptible to a man-in-the-middle attack.

Verify that the certificate is valid, matches the requested site, and is signed by a trusted root authority. Generate an error and destroy the connection if any of these conditions are not met.

References: 
CWE (https://cwe.mitre.org/data/definitions/297.html)
 

Hi RiDP,

I am working with Ricoh MFP and have an issue related to the "Delete Blank Page" setting. When this setting is enabled, blank pages are automatically removed during scanning. However, I need a way to determine which pages are considered blank during the scan process.

I checked the DetectionEvent (jp.co.ricoh.isdk.sdkservice.auth.custom.tracking.DetectionEvent), but it does not provide any information about whether a page is blank. It only includes details such as scan size and color mode.

In the SDK, I found that the API /rws/service/scanner/jobs/{Job ID} provides blankPageCount, but there is no data indicating which specific page is blank.

Is there any way to detect blank pages during scanning? Also, would it be possible for Ricoh to include this information in the DetectionEvent or another API?

Looking forward to your response.

Best regards,

Hi Ricoh Team,

Currently, when the PCC5 Embedded Client / Ricoh Unified Client application is installed as an authentication provider, the Ricoh MFP remains locked with the Kofax authentication screen. Users must log in with their credentials before accessing the Ricoh MFP Default Home Screen.

The customer is now requesting a capability that eliminates the authentication screen for users when they approach an MFD designed for open access. This would allow them to perform tasks like copying and faxing without encountering the authentication menu—unless they specifically choose to access a feature that requires authentication for tracking or security, such as printing or using the PCC5 Embedded Client application.

Could you please provide your insights on enabling the Ricoh MFP Default Home Screen to be displayed after installing the application in AUTH-ON mode, instead of showing the Kofax Authentication screen? Additionally, we seek a way to grant unrestricted access to native functions like copy, fax, and scan, while keeping print access restricted and requiring authentication only when users opt to use the Ricoh Unified Client application or print-related functions.

Looking forward to your inputs.

Thanks & Regards,
V R V Madan

after ran veracode scan, a flaw was reported:

## Flaw ID: 1111
### Severity: MEDIUM
### CWE: 331 - Insufficient Entropy
### Repo: device-ricoh
### Sourcepath
com/ricoh/auth/provider/RandomDigitFactory.java#19
### Description
Standard random number generators do not provide a sufficient amount of entropy when used for security purposes. Attackers can brute force the output of pseudorandom number generators such as rand().

If this random number is used where security is a concern, such as generating a session key or session identifier, use a trusted cryptographic random number generator instead. These can be found on the Windows platform in the CryptoAPI or in an open source library such as OpenSSL. In Java, use the SecureRandom object to ensure sufficient entropy.

References: 
CWE (https://cwe.mitre.org/data/definitions/331.html)
 

RandomDigitFactory is in aaa library aaa-provider-2.1.0.jar.