3 Replies Latest reply on Feb 21, 2007 12:10 PM by kukeltje

21CFR11 compliance - digital signatures

adam.stortz Feb 20, 2007 9:16 AM

I need to have digital signatures in the workflow that are 21CFR11 compliant. The audit trail is easy... jBPM handles that for me. What I want to be able to avoid is persisting the user's password. Is there a way to intercept the completion of a task before persistance?

1. Re: 21CFR11 compliance - digital signatures

kukeltje Feb 21, 2007 11:28 AM (in response to adam.stortz)

The user's password? Where would that be filled in? In a form? If you do not want to persists it and want to use digital signatures, then why request it in the first place??? It is easier to build your own webapp and do with the password you want than to change/adapt jBPM either by interceptors or whatever.
Actions
2. Re: 21CFR11 compliance - digital signatures

adam.stortz Feb 21, 2007 11:35 AM (in response to adam.stortz)

The user's password would be filled in when providing the information to complete the task. 21CFR11 requires the user to provide username and password at the time of performing the task. this ensures that the person that signed off is the user that is logged in. Unfortunately I have almost no control over the client, since I am using an instance of jBPM that is embedded in another application that handles the client for me. Thus, I need to be able to make this change inside of jBPM
Actions
3. Re: 21CFR11 compliance - digital signatures

kukeltje Feb 21, 2007 12:10 PM (in response to adam.stortz)

Since I'm from europe, I do not know much about 21 CFR 11, but it also states 'digital signatures' as do you. I do not see that relation here and not to storing the passwords. But...

There is always an api between the client and the server. ... I would solve it there, not just before storing the password.
Actions

Go to original post