Using certified forms
that are secured using the Rights Management service is useful when
you want to control who can use the form and also allow form users to
verify the form’s authenticity.
This Quick Start will be most useful to you if you are already
familiar with the Rights Management service. For more information,
see
Services Reference for AEM forms
.
For example, a company’s purchase order process enables users
to fill a PDF form and submit it online. The form is provided in
PDF and is protected with an Rights Management
11 policy so that only registered users can use it. The form is
also certified so that users can verify the form’s authenticity.
The following illustration shows the process diagram that is
used to prepare the form before it is provided to users.
The above process diagram includes the following service operations:
-
The renderPDFForm operation (Forms service) creates a
PDF form from an XDP file. The name of this operation on the process
diagram is
Render Form.
-
The Protect Document operation (Rights Management service)
applies a policy to the form to implement usage rights. The name
of this operation on the process diagram is
Restrict Document To ‘All Principals’.
-
The Certify PDF operation (Signature service) certifies the
document. The certification signature assures the recipient of the
form’s authenticity and integrity. The name of this operation on
the process diagram is
Certify Document With Sample Key.
Note:
The order in which these operations are executed
is very important. Policy protection of a PDF document must occur
before certification.
Prerequisites
To policy-protect and certify a rendered PDF form, the
following conditions must be met when the process executes at run
time:
-
The form and, optionally, the initial data to merge with
the form is available to the process.
-
The form includes a signature field so that it can be certified.
-
The policy that is used to protect the form has been created,
and the name of the policy is available to the process. You use
administration console to create the policy.
-
The credential that is used to certify the form and the credential’s
alias is available to the process. You use administration console
to import credentials into AEM forms.
In the example process described previously, the form (XDP file)
is stored in the repository, and the form data is provided as input
when the process is invoked. Upon invocation, the form data is saved
in a
document
variable.
Configuration
This section describes how to configure the service operations
that the example process diagram includes. The operations in the
example process diagram build on the results of previous operations.
Therefore, the output data from one operation is used as the input
data of the subsequent operation. Specifically, a document variable
is used to store the PDF form that is passed between operations.
This variable is also configured as output data for the process.
The renderPDFForm operation requires the form and form data as
input:
-
An xfaForm variable is configured to reference the XDP
file that is stored in the repository. This variable is used as
the value of the Form To Render property of the operation.
-
The document variable that stores the initial form data is
used as the value of the Form Data property.
The PDF form that the renderPDFForm operation creates is stored
in a document variable. This document variable is also used as input
for the Apply Policy operation so that the PDF form is policy-protected:
-
The document variable is used as the value of the Input
PDF Document property of the operation.
-
The name of the policy that was created using Administration
Console is used as the value of the Policy Name property of the
operation.
-
The policy set to which the policy belongs is used as the
value of the Policy Set Name property of the operation.
The resulting policy-protected PDF form is stored in the same
document variable that was used as the operation’s input. The document
variable is then used as input for the Certify PDF operation:
-
The document variable is used as the value of the Input
PDF Document property of the operation.
-
The alias of the credential that was imported to AEM forms
using administration console is used as the value of the Alias property
of the operation.
The certified PDF form is stored in the same document variable
that was used as the operation’s input. Because the document variable
is configured as output data for the process, when the process is
complete, the policy-protected and certified PDF form is returned
to the user that invoked the process.
Other considerations
The example process described in this Quick Start reused
the document variable for saving the results of each operation.
This practice minimizes storage space used in the AEM forms database.
If your processes need to preserve the results of each operation,
save the results in different variables.
This Quick Start did not describe how to create Rights Management
policies or import credentials into AEM forms by using Administration
Console. For information about how to perform these tasks, see
Rights Management administration help
and
Trust Store Management Help
.
|
|
|