Skip to Content

SAP File Lifecycle Management(FLM) Digital Signature Implementation Example

Digital Signature Overview

A digital signature is an electronic form of a signature that can be used to authenticate the identity of the sender of a message or the signer of a document and also ensure that the original content of the message or document that has been sent is unchanged.

 

Process overview:

The following document describes the process to integrate SAP File Lifecycle Management (FLM) with a digital signature solution.

Digital signature solution enables you to authenticate the identity of the sender or the signer of a file. You can integrate SAP FLM with any digital signature solution such as nCode, eMudra.

Prerequisite:

  • You have implemented a digital signature solution
  • You have activated digital signature in the Customizing under SAP NetWeaver -> Application Server -> SAP File Lifecycle Management -> Basic Settings  -> Setup Workflow  -> Define Constants

You can activate digital signature by maintaining value of the constant DSR as 1 in this view. The system by default holds the value 0; however, to activate digital signature, enter the value 1.

  • You have extended the standard hook customDigitalSignData

The standard system provides the hook customDigitalSignData. This hook enables you to integrate customer specific digital signature solution with FLM. You can extend this hook to define customer specific validations for digital signature.

Process:

Note that this is a sample process to describe integration of SAP FLM with a digital signature solution. You can modify the process as per your business needs.

  1. Trigger check for digital signature – During loading of the file, the system reads the value maintained in the Define Constants, Customizing to check if digital signature is active in the system.

   2.  If digital signature is active, then when the user clicks the File Send button to send the file to the next approver or user, system proceeds as follows in the         following scenarios:

      • If user has a valid registered certificate - System displays valid certificate(s) of the user. The user selects the relevant certificate for his user ID. The system validates if the certificated selected by the user is a valid certificate for the user ID. And proceed as follows:
        • If the selected certificate is NOT valid, the system displays an error message to notify the user that the certificate is not valid for his or her user ID.
        • If the selected certificate is valid, the system stores file details, user details and certificate details in the backend and send the file to the next approver in the workflow.  Note that these details can be used for audit purposes. The system then

Note that you can define customer specific validations for cerficate validation.

  • If user certificate is NOT registered - System displays a message to the user that the user certificate is NOT registered and asks if the users want to sign the file digitally. Based on the user input the system proceeds as follows:

 

    • If the user wants to digitally sign the file, the system prompts the user to register the certificate. Once the user registers the certificate, the system store file details, user details and certificate details in the backend and sends the file to the next approver in the workflow. We recommend that you create a transaction to register the certificate.
    • If the user does Not wants to digitally sign the file, the system sends the file to the next approver in the workflow. Note that in this case the system does not store any digital signature relevant details in the database.

  • If user certificate has expired - The system displays a message to the user that the user certificate has expired and asks if the users want to sign the file digitally. Based on the user input the system proceeds as follows:

 

    • If the user wants to digitally sign the file, the system prompts the user to register the certificate. Once the user registers the certificate, the system stores the file details, user details and certificate details in the backend and sends the file to the next approver in the workflow. We recommend that you create a transaction to register the certificate
    • In the user does Not wants to digitally sign the file, the system sends the file to the next approver in the workflow.

3.  Else if the digital signature is Not active, then the system sends the file to the next approver in the workflow. Note that in this case the system does not store any digital signature relevant details in the database.

As mentioned above, the screenshot shown above are sample screen and NOT standard screens. You should create customer specific screens as per your customer needs.

Former Member

No comments