Signing Server Documents with User Signatures

In this scenario, the user creates a document in HTML, saves it as a PDF on the server, and then is asked to sign the document. If the user chooses to sign, the challenge lies in executing the signing process directly on the server.

The hurdle stems from the fact that the user's signature is typically stored on their local computer, and PHP and JavaScript are insufficient for retrieving it remotely. To overcome this, a client-side solution is necessary.

While JavaScript can't directly access the user's key, Java can be utilized through a browser applet. This applet performs the signing process, ensuring that the private key remains on the client side.

SecureBlackbox offers a distributed signature add-on that addresses this specific issue. It supports multiple platforms, including PHP, Java, ASP.NET, and compiled modules. The add-on utilizes pre-built browser modules (Java Applet, ActiveX control, and Flash applet) for signing functionality.

In the absence of Java applet support, SecureBlackbox allows for applet execution via Java Web Start as an external application.

Alternatively, the complete document can be transferred to the client for signing using a Java applet in conjunction with iText or SecureBlackbox's Java edition. The signed document can then be uploaded back to the server.

By leveraging a client-side signing solution, the problem of signing server documents with user signatures can be effectively addressed.