IPDFSignature Class Methods

The methods in this section are described in alphabetical order.

Syntax

getErrorString()

Description

Implement the getErrorString method to return a detailed error message to BI Publisher for PeopleSoft. A detailed error message can be internal to your implementation of the getSignatureId method or one that is passed back from an invocation of a PT_SECURITY_DIGITALCERTSTORE:DigitalCertStore method.

Note: This is an abstract method.

Parameters

None.

Returns

A String value.

Example

During execution of the getSignatureId method, the &m_errorStr instance variable is set to the message catalog entry corresponding to any error returned from invocations of DigitalCertStore methods. For example:

If ... Then
   &m_errorStr = MsgGet(&m_ErrorMessageSet, 64, "### Not able to retrieve a list of digital IDs.");
End-If;

Then, this &m_errorStr instance variable is set as the return value for the getErrorString method:

method getErrorString
   /+ Returns String +/
   /+ Extends/implements IPT_PDFSIGNATURE_INT:IPDFSignature.getErrorString +/
   Return &m_errorStr;
end-method;

Syntax

getSignatureId()

Description

Implement the getSignatureId method to return the digital ID for the certificate that is to be used to sign a specific report. In this context, the certificate's digital ID is also referred to as the signature ID.

Note: This is an abstract method.

Use the six input properties set by BI Publisher for PeopleSoft to determine who is the signer of the specific report instance. In particular, the KeyFieldNames and KeyFieldValues arrays contain values that pertain to the specific report instance. Use methods of PT_SECURITY_DIGITALCERTSTORE:DigitalCertStore (accessed through the secStore property) to obtain information on certificates, signers, digital IDs, and authorized users defined in the certification store.

For example, use the following methods to determine digital IDs and signers:

  • getDigitalIdBySigner

  • getListOfDigitalId

  • getListOfSigner

Use the OperatorId property and the following methods to determine whether the current user (the operator) is authorized to produce a report signed by this signer:

  • getListOfAuthorizedUsers

  • getListOfAuthorizedRoleNames

Finally, use the isDigitalCertValid method to determine whether a specific certificate in the certification store is valid.

Parameters

None.

Returns

A String value.

Example

The following example implementation is incomplete in that it does not include the application logic that would determine the actual report signer, the digital IDs that can be used by that signer, or which of those digital IDs to use to sign this report. These determinations depend on specific business rules and requirements. However, once the signer and a digital ID are determined, this example invokes the getListOfDigitalId method to determine whether the specified digital ID exists in the certification store. If that check is successful, then this digital ID is returned as the ID for the certificate to be used to sign the report.

method getSignatureId
   /+ Returns String +/
   /+ Extends/implements IPT_PDFSIGNATURE_INT:IPDFSignature.getSignatureId +/   
   
  /* DigitalCertStore instance (&secStore) is provided by BI Publisher, so this part is not required */
  If &secStore = Null Then
      &secStore = create PT_SECURITY_DIGITALCERTSTORE:DigitalCertStore();
      If &secStore = Null Then
         &m_errorStr = "Cannot create an instance of PT_SECURITY_DIGITALCERTSTORE:DigitalCertStore.";
         Return "";
      End-If;
   End-If;
   &m_ErrorMessageSet = &secStore.ErrorMessageSet;
   
   Local string &psw, &digitalID, &retrievedID, &sOutDestination, &certPath;
   Local array of string &arrIds;
   Local number &errCode, &i;
   
   &digitalID = "";
   
   /* Insert the application logic to determine the report signer and his or her  */
   /* certificate IDs (digital IDs) here. For this example, the signer is assumed */
   /* to be Joe Doe, and the digital ID retrieved for this user is "JoeDoe".      */

   &retrievedID = "JoeDoe"; 

   /* Determine whether this digital ID is in the digital certification store. */
   &arrIds = CreateArrayRept("", 0);
   &errCode = &secStore.getListOfDigitalId(&arrIds);
   If &errCode > 0 Then
      &m_errorStr = &secStore.ErrorMessageDetail;
      Return "";
   End-If;

   If &arrIds.Len = 0 Then
      &m_errorStr = MsgGet(&m_ErrorMessageSet, 64, "### Not able to retrieve a list of digital IDs.");
      Return "";
   End-If;

   For &i = 1 To &arrIds.Len
      If &arrIds [&i] = &retrievedID Then
         &digitalID = &retrievedID;
         Return &digitalID;
      End-If;
   End-For;

   &m_errorStr = MsgGet(&m_ErrorMessageSet, 71, "### Not able to retrieve signer for this digital ID", &retrievedID);
   Return "";
end-method;