Chapter 4. Building the base scenario: Stage 1 97
4.6.4 Adding Signature buttons
Digital signatures have two purposes:
Identifying signers:
Digital signatures affix the signer’s name and e-mail address to the document.
Secure documents:
Digital signatures use encryption algorithms and digital certificates to guarantee form
security.
When users sign a document, a “snapshot” of the document is taken and hashed to produce
a unique number representing your document. If the document changes, hashing produces a
different number. As a result, you can think of a hash as a document’s digital fingerprint,
unique and unmistakable.
In other words, once users have signed a form, any alterations to the signed portion of the
form breaks the signature. For example, if a malicious user tampers with the form’s XFDL
code, the Viewer detects the change. The Viewer then displays an error message warning
that one or more of the form’s digital signatures is invalid. It also changes the label on the
signature button to read “INVALID”. This means that if someone tried to alter a signed form to
change the meaning of the form, subsequent users would be alerted to the fact that the form
had been changed. This security measure does not prevent the original signers from making
changes to the form — if they wish to make changes, they can simply delete their signatures
from the form, modify their entries, and re-sign the form.
While creating digital signature buttons can be complicated in XFDL, the Designer provides a
simple interface that allows you to create them easily. To create a signature button:
1. Create a button on your form.
2. Double-click the button.
a. The Properties dialog box opens.
3. Under Perform This Action, select Signature from the pop-up.
4. Click Details.
a. The Signature Action Details dialog box opens.
5. Ensure that Sign Entire Form is selected, and click OK.
The Designer allows you to sign the entire form, or create custom signatures.
Signature filters
Occasionally, you may find that you do not want certain items or options to be signed. You
may wish to create different form sections to be signed by different users, or you may want a
custom item to continue working after the form is signed. You can accomplish this with
signature filters.
Signature filters allow you to set which form elements you want to sign. There are two kinds of
signature filters:
omit: The
Omit filters let you specify the form elements you do not want to sign, and
ensures that the rest of the form is signed. This filter guarantees that everything in the
form is secured, except the form elements that you choose.
keep: The
Keep filters let you specify the form elements you want to sign, leaving the rest
of the form unsigned. This filter only secures the form elements that you choose, leaving
the remainder of the form unprotected.
Get IBM Workplace Forms: Guide to Building and Integrating a Sample Workplace Forms Application now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
