3 Replies Latest reply on Feb 21, 2007 12:10 PM by Ronald van Kuijk

    21CFR11 compliance - digital signatures

    Adam Stortz Newbie

      I need to have digital signatures in the workflow that are 21CFR11 compliant. The audit trail is easy... jBPM handles that for me. What I want to be able to avoid is persisting the user's password. Is there a way to intercept the completion of a task before persistance?

        • 1. Re: 21CFR11 compliance - digital signatures
          Ronald van Kuijk Master

          The user's password? Where would that be filled in? In a form? If you do not want to persists it and want to use digital signatures, then why request it in the first place??? It is easier to build your own webapp and do with the password you want than to change/adapt jBPM either by interceptors or whatever.

          • 2. Re: 21CFR11 compliance - digital signatures
            Adam Stortz Newbie

            The user's password would be filled in when providing the information to complete the task. 21CFR11 requires the user to provide username and password at the time of performing the task. this ensures that the person that signed off is the user that is logged in. Unfortunately I have almost no control over the client, since I am using an instance of jBPM that is embedded in another application that handles the client for me. Thus, I need to be able to make this change inside of jBPM

            • 3. Re: 21CFR11 compliance - digital signatures
              Ronald van Kuijk Master

              Since I'm from europe, I do not know much about 21 CFR 11, but it also states 'digital signatures' as do you. I do not see that relation here and not to storing the passwords. But...

              There is always an api between the client and the server. ... I would solve it there, not just before storing the password.