Simpler digital signatures in InfoPath forms in MOSS 2007?
https://stackoverflow.com/questions/9387160
-
28-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have recently inherited a MOSS 2007 based application primarily involving an InfoPath 2007 form, currently undergoing user acceptance testing prior to its first major release.
The form allows users to sign sections with digital signatures using the standard InfoPath functionality for this. In SharePoint this involves an ActiveX control which pops up a dialog, and within this the user opens another dialog to select a certificate, followed by ticking an acceptance checkbox and clicking "sign"
Management feels that this signing process is too complex for some users to understand (especially when it comes to getting people to accept the new system)
I've been asked to look into making this easier, and my first impression is that nothing can be done. I've looked into modifying the JavaScript that calls the ActiveX, but the control is effectively a black box with no useful functionality beyond what the standard InfoPath form code calls.
Can anything be done here other than reverse engineering and recreating the ActiveX control? Is there some setting I'm missing(I doubt this one)?
Alternatively any extra ammunition for telling my bosses this cannot be done would be appreciated.
Solution
You don't really have many options unfortunately. As you found there are no "hooks" into digital signature functionality or properties to manipulate. The same is true even if you reverse engineer it - those popups/dialogs are wrapped in a single call in order to avoid being manipulated by potentially malicious code.
It is annoying, and a huge headache at first to teach the users how it works. The one "good" thing (relatively) is that all Microsoft products share that same digital signature experience, even if they aren't on the web. So once your users get used to the process, they don't have to relearn something different when you want to start signing word documents or excel.
So ammo for the bosses:
- It can't be done for a reason, tampering with that would make it less secure
- The process is annoying but not that hard overall (usually one
dialog and button, sometimes two) - The process is common to all MS products (open up word and demonstrate this if need be)
Extra ammo - some of our users think it is neat they can attach a jpg of their actual signature and have it show up on the document.
OTHER TIPS
Do you need the digital signature for legal purposes? What I do in a few InfoPath based applications is I typically have two buttons, one that says Approve and another for Deny. When the user hits the Approve button, One of the rules is to add an entry into an audit history box (a read only text box) that grabs the logged in username and indicates their approval or denial.
While this isn't as legal binding or globally accepted as a digital signature it is a great way to just obtain a sign off from someone in workflow or process and requires them to be successfully sign into their workstation.
