Table of Contents

Fallback for Visual Signing with PADESSignValve

Overview

In document signing workflows, ensuring every document is securely signed, even under challenging conditions, is critical for maintaining process efficiency and data integrity. Some organizations require visual signatures to provide a clear, human-readable trail of signers directly on the document. However, certain limitations can prevent visual signatures from being applied, such as:

  • Insufficient space on the visual trail page to accommodate all signatures.
  • Documents that are already signed, where adding a trailing page is not possible due to compliance or technical constraints.

To address these scenarios, a fallback mechanism can be implemented using the PADESSignValve. This non-visual signing option ensures that documents are signed securely, even when visual signing fails. By combining the PADESSignVisibleSignatureValve and PADESSignValve in a single pipe, organizations can guarantee document signing completion without manual intervention, maintaining both security and efficiency.

How It Works

To configure a fallback mechanism for visual signing:

  1. Positioning in the Pipe:
    Place the PADESSignValve after the PADESSignVisibleSignatureValve in the pipe.

  2. Configuring PADESSignVisibleSignatureValve:
    Add the following properties to the PADESSignVisibleSignatureValve:

    • proceed_on_error: Set to true to allow the pipe to continue execution if the valve fails (e.g., due to limited space or an existing signature).
    • fail_property: Assign a property name, such as my-property-name, to track whether the valve failed.

  3. Enabling PADESSignValve Execution:
    Configure the PADESSignValve to execute only if the visual signing fails. Add the following property:

    • exec_if_expr: Set to flow.getPropertyValue('my-property-name', 'false').equals('true').
      This ensures the PADESSignValve executes only when my-property-name is set to true, indicating a failure in the PADESSignVisibleSignatureValve.

Example Configuration

The example below assumes you have an existing pipe for visual PAdES signing:

{
  "name": "PADESSignVisibleSignatureValve",
  "enabled": "true",
  "config": {
    "keyStoreID": "{{item.keyStoreId}}",
    "pdfSourceData": "{{item.temporary}}",
    "pdfTarget": "document",
    "proceed_on_error": "true",
    "fail_property": "if_no_visual"
  }
},
{
  "name": "PADESSignValve",
  "enabled": "true",
  "config": {
    "keyStoreID": "{{item.keyStoreId}}",
    "pdfSourceData": "{{item.temporary}}",
    "pdfTarget": "document",
    "exec_if_expr": "flow.getPropertyValue('if_no_visual', 'false').equals('true')"
  }
}

Explanation of the Configuration:

  1. PADESSignVisibleSignatureValve:

    • Attempts to apply visual signatures to the document.
    • If it fails, the fail_property if_no_visual is set to true.

  2. PADESSignValve:

    • Executes only if the fail_property is true, ensuring fallback signing when visual signatures cannot be applied.

Validation and Fallback Testing

Follow these steps to test the fallback mechanism:

  1. Prepare the Environment:

  2. Scenario 1: Document with Sufficient Space:

    • Use a document that has adequate space for visual signatures.
    • Verify that only the PADESSignVisibleSignatureValve executes.
    • Confirm the document includes visual signatures and no fallback execution occurred.

  3. Scenario 2: Document with Insufficient Space:

    • Use a document with limited space on the visual trail page.
    • Verify that the PADESSignVisibleSignatureValve fails and the fail_property is set to true.
    • Confirm the PADESSignValve executes and the document is signed without visual signatures.

  4. Scenario 3: Already Signed Document:

    • Test with a document that is already signed and cannot accommodate a visual trail page.
    • Confirm the fallback mechanism triggers the PADESSignValve to apply a non-visual signature.

  5. Validation:

    • Open the resulting document in a PDF reader that supports signature validation (e.g., Adobe Acrobat).
    • Verify:
      • The signature is valid and trusted.
      • The document integrity is intact.

  6. Monitor Logs:

    • Check the PAS logs to ensure proper execution of valves and to identify any errors during the process.

This testing process ensures that the fallback mechanism functions as intended, securing documents even when visual signing cannot be applied.

PDF Signing