Introduction
For those of you who manage a process which requires you to capture electronic signatures on the documents that are part of that process, this blog post is a must read for you.
Main Article
With the 11.1.1.1.6 (PS/5) release of WebCenter Content 11g a new, and not so well published, feature called Electronic Signatures was introduced. The electronic signatures feature is enabled in Oracle WebCenter Content 11g by enabling the ElectronicSignatures component through the Component Manager Web Interface. To avoid confusion on terminology that tends to travel in close company, there is a point of distinction that should be made between electronic and digital signatures before proceeding with the Oracle WebCenter Content 11g electronic signature features.. Electronic Signature allows you to capture specific data points (ex: Name Of Signer, Date of Signature, etc) that represent the intent of signature and provides an electronic record of proof that someone has authorized the information contained within a document. Electronic signatures are not embedded within the document that the electronic signature is associated with. Digital signatures can be considered an implementation of electronic signatures. However unlike electronic signatures, digital signatures are implemented with cryptographically based public and private keys. These are keys which cannot be easily repudiated and represent a users/approvers handwritten signature and provide authenticity which is directly bound with the document or message being sent. In some instances digital signatures can also pertain to capturing a digital image of a person’s hand written signature that is linked to or imprinted on a document.
In Oracle WebCenter Content 11g the implementation of Electronic Signatures provides you with the following features that I will cover in this post:
End User:
Administrative:
When the Electronic Signature feature is enabled a check sum is calculated during the check-in of a document. The calculated check sum value is stored as metadata with each revision of the document being checked-in in a custom metadata field called xCheckSum. The checksum value calculated is based solely on the document contents and does not depend on an electronic signature being captured for the document. The supported algorithms used for computing the document checksum value are
The check sum compute algorithm used can be altered through a Checksum_Algorithm environment configuration entry that is part of the Electronic Signature component configuration. The configured value on initial installation of the component is SHA-512. The computation of the check sum for the document can be disabled by setting the environment configuration entry
to a value of false. When a document check sum value is being computed it is used in the features
Which are discussed further down in this post.
Electronic signature capture can be performed on documents either when they are not in a workflow approval process or are participating in a workflow approval process. The following illustrations outline the user experience for capturing an electronic signature for both scenarios
Sign Content Item Dialog
When the electronic signatures feature is enabled the workflow approval tasks are modified by changing the standard Approve action to an action of Sign and Approve
Note: By default capturing an electronic signature requires SSL to be enabled on an Oracle WebCenter Content instance via having the UseSSL configuration entry set with a value of true in the WebCenter Content core config.cfg configuration file. When you think of it this makes sense as a user is going to have greater piece of mind applying a signature to document that has no potential of being modified in transit which is what SSL encryption provides. For those implementations of WebCenter Content whose data only traverses internal corporate network segments where there is no concern of data being breached in transit, the following configuration entry that is part of ESignature can be set in either the ESignature environment resource configuration file or the core WebCenter content config.cfg file to disable the SSL requirement for signature capture
When an electronic signature has been captured on a specific content item revision, the content items document information page will display a signatures tab that allows the user to view the signatures that have been captured. (Note: A content item revision can receive more than one electronic signature as illustrated below)
Clicking on the actions icon in the column on a particular signature row will display additional details about the signature.
This feature uses the check sum value that is calculated for the revisions of checked-in content items to allow users to see if a document on their local file system matches any of the revisions of a selected content item. The following illustrations walk through the end user experience of matching a local file to a content item revision
This feature uses the check sum value that is calculated on revisions of checked-in content items to allow users to search the WebCenter Content repository for content items whose checksum value matches the calculated checksum value of a file on their local file system. The following illustrations walk through the end user experience.
Single Content Item Match
Multiple Item Content Matches
There is one administration option that is available with the Oracle WebCenter Content Electronic Signatures feature which allows you to extend the default set of electronic signature metadata. The default signature metadata that is supplied with the initial installation of the signature feature is:
The following illustration shows the administration interface that is provided for setting up additional signature metadata.
When the Electronic Signature feature is enabled along with PDF Watermark, the PDF Watermark capabilities are enhanced to provide the ability to apply a watermark of selected electronic signature data on a PDF rendition of a document. The following illustrations show how to configure a watermark template with electronic signature data using the PDF Watermark Administration Applet. For complete instructions on PDF watermark administration refer to the Oracle Fusion Middleware Managing Webcenter Content guide.
As it relates to electronic signature and PDF watermark there are primarily two main configuration points to consider
There is a custom Boolean metadata field that gets maintained with each content item named xESigHasElectronicSignature that gets stamped with a value of 1 when an electronic signature has been captured. I have found that this is a good metadata field to use to in a rule for a watermark template that will be used to watermark an electronic signature on a PDF rendition of a document.
When the electronic signature feature is enabled Edit Template dialog of the PDF Watermark Administration applet has a SignatureWaterMark tab added. The illustration below shows the interface for adding electronic signature fields. It needs to be noted that only electronic signature fields available for applying to a watermark template are custom ones that are added through the Electronic Signature Administration page.
As I was working with the features of the Electronic Signature component I thought that the document checksum calculation it provides lent itself for some nice feature enhancements which I have implemented in an add on component called ESignatureExtensions. The extended features being supplied with this component are:
This feature uses the checkum calculated when the content item revision was originally checked-in compared to a checksum that is computed when a request to download the document is initiated through the GET_FILE service to validate that the file had not been modified on the file system of the server after it was checked-in. If the comparison of checksums fails indicating the file has been changed, the file download is interupted and the user is presented with the following message
This feature uses the checksum calculated on the currently selected revision or all revisions of a content item to search the repository for other content items which are duplicates based on the checksum value which is computed from the file contents. These feature are accessible from the content information page actions menu
This feature uses the checksums computed on documents to scan the entire repository for content items which are duplicates of each other. In addition this feature provides the ability to download the results of the scan to a CSV formatted file that can be distributed to end users to view and analyze the data in Microsoft Excel to assist in the process of eliminating duplicate content from the repository
~Happy Signing~