+6
I have a process that will require an approver to enter their name in a people picker that will resolve against an AD smartobject as a "Signature". Can this be setup to require that the person also put in the password for that account at the time they "Sign"? Or is there any other provisions in Smartforms for assuring only the person with that task can enter the name in the picker?
Thanks
Dave
+7
Hi,
Firstly when you say Singature, do you mean its Digital signature? If so why dont you check with DocuSign integration for which K2 provides out of the box integration. Can you provide me more details?
Cheers,
Prajwal Shambhu
+6
Its really more of a "Feel good" feature for the users. Its a Manager Approval process, very simple and I have explained that only the destination user can action the form (i.e. approve the expense) unless delegated to another that has process rights, and that no further authentication is needed to be able to audit the process. So my thought was, create a picker or something that would require a password in order to complete the task. Redundant I know, but I needed to due my due diligence
+3
Kind of an interesting situation. I know sometimes you just have to satisfy the cravings of the users.
Without any "actual auth", you could have users do a graphical-ish signature: http://community.k2.com/t5/K2-blackpearl/Signature-Pad-Control/ba-p/72656
I've never used this one but something like it. That can give users a little thrill.
Or: Kind of a hack, but you could hijack one of the AD attributes that you are not using, that also show up in Ad Service2 > AD User > GetUserDetails (perhaps SipAccount or HomePage) and store a PIN in it for each user.
Then have the user input the PIN on your form (instead of their user password) and just look it up on submit, compare. This could even be done as a "enter PIN to unlock form" kind of thing, if you start with most of the controls properties set to ReadOnly, and then set them to readwrite only after the successful PIN entry thing.
Or: if you really want the users to authenticate themselves, you might be able to set up a separate IIS server with IWA/SSO turned *off* forcing basic auth (but still against AD) wich returns some kind of simple pseudo-certificate (like maybe an XML file with authenticated username, datetime stamp, client IP address, and if you want to be fancy hash all that along with some server-side secret and include the hash in the response). Then, in the SmartForm, do some kind of ajax thing to grab the aforementioned pseudocertification and copy it somewhere into the form controls.
Good luck and please let us know what you end up doing and how well it went over with the users.
- Justin
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.