Showing posts with label pdf. Show all posts
Showing posts with label pdf. Show all posts

Friday, February 17, 2023

Securing PDF

Following is a way to secure pdf files generated via non-BI Publisher technology like SQR. For this test I am running PT 8.59.x. Should be available in slightly older Peopletools releases too, like PT 8.56.x

Oracle provides java classes that can be used for securing a pdf file. This method will add a password to the pdf file, so that a password is prompted to the user while opening the pdf as well as adds a digital signature to the pdf. This class does both so if the requirement is to only password protect a pdf file, we still have to add a signature but make it small or invisible. 

This method also requires a digital certificate signed by one of the approved adobe certificate authorities called as AATL. The certificate has to be pfx format (can be converted using tools like openssl). If a self-signed certificate is used, the process still works but the end user will receive a warning banner in adobe reader once the document is opened and will have to manually trust the certificate by adding it to the adbobe trust store. 

The solution uses two java classes that are delivered with PeopleTools

1. java.util.Properties

2. oracle.xdo.common.pdf.signature.PDFSignature


Local JavaObject &jProp = CreateJavaObject("java.util.Properties");

&jProp.setProperty("signature-enable", "True");
&jProp.setProperty("pdf-security", "True");
&jProp.setProperty("pdf-open-password", &EncryptPswd);
&jProp.setProperty("pdf-permissions-password", &EncryptPswd);
&jProp.setProperty("pdf-changes-allowed", "0");

&EncryptPswd is the password that will be used to open the pdf file. 

&inFile is the complete path to the source pdf file and &outFile is the complete path of the secured pdf file. 

Local JavaObject &pdfSignature = CreateJavaObject("oracle.xdo.common.pdf.signature.PDFSignature", &inFile, &outFile);
   
&pdfSignature.setConfig(&jProp);
&pdfSignature.setLocale("en");

&digPswd is the password of the pfx digitial certificate file and &digSign is the complete path to the pfx file. Make sure the paths use "//" insread of "/" or "\\" instead of "\".

&pdfSignature.init(&digPswd, &digSign);

Following plots the signature in the pdf file. If a signature is not needed then make it small or invisible. Adjust the values as required. 
&xCord = 0;
&yCord = 0;
&width = 0;
&height = 0;
&pageIndex = 1;
&sReason can be some text or blank if none is required.
      
Local JavaObject &jFloatArray = CreateJavaObject("float[]", &xCord, &yCord, &width, &height);
&pdfSignature.addSignatureField(&pageIndex, &jFloatArray, "PSoftSign");
&pdfSignature.sign("PSoftSign", &sReason);
&pdfSignature.cleanup();

clean-up memory once done.
&jProp = Null;
&pdfSignature = Null;
&jFloatArray = Null;

/* delete the un-encrypted file */
Local object &delFile = CreateJavaObject("java.io.File", &inFile);
&delFile.delete();


Saturday, March 26, 2016

Sending and Receiving MTOM-encoded binary data

PeopleSoft supports the MTOM protocol for sending and receiving binary data using service operations. While you can send and receive binary data using SOAP, doing so requires that you Base64-encode the data, which can increase message size by 33 percent or more. The MTOM protocol enables you to send and receive binary data in its original binary form, without any increase in size due to encoding.
For sending or receiving MTOM-encoded binary data, we have to use message segments to store the data. The SegmentContentType property of the message object is used to set or read the content type of each message segment.

Following is a test that I did to send a XML file as an attachment in a SOAP message and then read the attachment that is sent by the 3rd party system that I am interacting with. I am running PT 8.53.22.

Sending:

Request message is as shown below. For this test I am storing this in a html object called as MY_MESSAGE but this can be generated dynamically as needed using SOAPDoc or XMLDoc classes. The request message defined on the service operation is nonrowset based. 

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header/>
<soapenv:Body>
<submitLargeDocument>        
    <Document>  
         <PsftXopInclude SegmentNumber='1'/> 
    </Document>      
</submitLargeDocument>
</soapenv:Body>
</soapenv:Envelope>

document.xml is my payload which I have created in a different routine and I am just using it here. Its just like creating any other XML file in PeopleSoft. Payload can be a binary file like a pdf or a image file.
Sender node is my default local node and receiving node is the delivered WSDL_NODE. You can always create a custom receiving node if needed. Routing is using local gateway and HTTPTARGET connector. Under routing, connector properties content-type is set to text/xml as my payload is a xml file, HTTPPROPERTY MTOM is set to Y, METHOD is POST, SOAPUpContent is set to N as I have already built the SOAP wrapper in my html object above. If you need IB to create the wrapper then set this property to Y. Provided PRIMARYURL to destination 3rd party application. Took all other defaults.

PeopleCode:

&str = GetHTMLText(HTML.MY_MESSAGE);
&requestXMLDoc = CreateXmlDoc();
&ret = &requestXMLDoc.ParseXmlString(&str);

&request = CreateMessage(Operation.SEND_OPERATION);
&request.SetXmlDoc(&requestXMLDoc);

&MTOMFile = GetFile("C:\temp\document.xml", "R", %FilePath_Absolute);
If &MTOMFile.IsOpen Then   
   &theBase64encodedString = &MTOMFile.GetBase64StringFromBinary();   
   &MTOMFile.Close();
End-If;

&request.CreateNextSegment();

If (&request.SetContentString(&theBase64encodedString)) Then   
    &request.SegmentContentType = "application/xml";  
    &request.SegmentContentTransfer = %ContentTransfer_Binary;
End-If;

&response = %IntBroker.SyncRequest(&request);

Receiving:

Response message defined on the service operation is a non-rowset based message. Sender node is the default local node and receiving node is WSDL_NODE. Using local gateway and HTTPTARGET connector. Setting HEADER properties Content-Type to text/xml as the response attachment that I am receiving is a xml file, sendUncompressed is Y, HTTPPROPERTY Method is POST and SOAPUpContent is Y and finally the PRIMARYURL to the 3rd party service.

On the weblogic webserver, in the integrationGateway.properties file enable the MTOM Listening Connectors. 
ig.MTOM.enablePeopleSoftServiceListeningConnector=true
ig.MTOM.enableHttpListeningConnector=true

Bounce the webserver after making this change.

PeopleCode:

This is pretty straightforward. Once the request is made, read the response and parse out the document.

&response = %IntBroker.SyncRequest(&request);
&responseXMLDoc = &response.GetXMLDoc();

If (&response.ResponseStatus = 0) Then
     &dataNode = &responseXMLDoc.DocumentElement.GetElementByTagName("data");
     &theData = &dataNode [1].GetCDataValues();
     &responsestr = &theData.Shift();
End-If;

The &responsestr string variable will have the response SOAP envelope as well as the attachment separated by message segments as shown below. Parsed it out using string functions.

<?xml version="1.0"?>
<data psnonxml="Yes">
  <![CDATA[
------=_Part_624_1792156364.1458048147094
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"
Content-Transfer-Encoding: 8bit
Content-ID: <soap.xml@xfire.codehaus.org>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
.......
.......
.......
</soap:Body>
</soap:Envelope>
------=_Part_624_1792156364.1458048147094--

------=_Part_724_1792156364.1458048147094
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"
Content-Transfer-Encoding: 8bit
Content-ID: <soap.xml@xfire.codehaus.org>

<Document>
........
........
........
</Document>

------=_Part_724_1792156364.1458048147094--

]]>
</data>