SecSeal應(yīng)用集成方案 V10.doc

SecSeal安全電子印章系統(tǒng)應(yīng)用集成方案一、 導(dǎo)入用戶證書(shū)到數(shù)據(jù)庫(kù)導(dǎo)入用戶公鑰證書(shū)到數(shù)據(jù)庫(kù)，在應(yīng)用中可以通過(guò)接口傳入證書(shū)執(zhí)行加密授權(quán)。1. 獲取證書(shū)由凱特信安項(xiàng)目工程師協(xié)助，收集應(yīng)用系統(tǒng)用戶證書(shū)。2. 證書(shū)寫(xiě)入數(shù)據(jù)庫(kù) 為用戶表新建一列，用于存儲(chǔ)證書(shū)內(nèi)容。 讀取數(shù)字證書(shū)內(nèi)容，把“-BEGIN CERTIFICATE-”和“-END CERTIFICATE-”，去掉，把數(shù)字證書(shū)內(nèi)容寫(xiě)入對(duì)應(yīng)的用戶表中。保存的證書(shū)格式如下：MIIDjjCCAvegAwIBAgIQFAhf/KTWYie5KKR+4AiCjDANBgkqhkiG9w0BAQUFADBxMRcwFQYDVQQDHg55j176dwGP0IQlAEMAQTEnMCUGA1UECh4eeY9e+ncBZXBbV1uJUWiLwU5me6F0BmcJllBRbFP4MQ8wDQYDVQQHHgZ5j13eXgIxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04wHhcNMDYwOTE1MDcwMzIyWhcNMDgwOTE1MDcwMzIyWjCBrDEPMA0GA1UEAx4Ggs+I1W4KMRswGQYDVQQLExIzNTAxMjQxOTgxMDkxMzQ2MTIxDzANBgNVBAoeBo6rTv2LwTEPMA0GA1UEBx4GeY9d3l4CMRswGQYDVQQHHhJ5j13eXgJuVlJNje8ANQA4U/cxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04xHzAdBgkqhkiG9w0BCQETEHN1eXlAa2luZC5jb20uY24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOACPw2XOUDmXjvzrYZPhjKFWIzhswBJ1Z0yAfLe0/lkjrGMPncWuDj6kH0DFimRPaRbBu1sJ3PDSCqPAgEwOrntTJ0JXkRJySPyodoYiUfIXW8AFn7J6H30WF3Jf91airdX+1bmK0sFROIXHOmyUqii8JF59e8Cb2NfRzdsw0WDAgMBAAGjgeowgecwHwYDVR0jBBgwFoAU1r3G/04GA5tRF5LpEIgFQ713SDEwHQYDVR0OBBYEFHcRqLvFaaOWO96wdu9YoauIf2B0MAsGA1UdDwQEAwID+DAMBgNVHRMEBTADAQEAMIGJBgNVHR8EgYEwfzB9oHugeaR3MHUxDTALBgNVBAMTBGNybDExDDAKBgNVBAsTA2NybDEMMAoGA1UECxMDMTE4MQowCAYDVQQLEwExMQ0wCwYDVQQKEwRmamNhMQ8wDQYDVQQHEwZmdXpob3UxDzANBgNVBAgTBmZ1amlhbjELMAkGA1UEBhMCY24wDQYJKoZIhvcNAQEFBQADgYEAWt0pZ7Dex4rdsZZl13RQkikD9JNWMj2qCaajpdX0p183+2f7vd+WuUDWP8FKaCsXKe8wPb0c8mDOwJLx7ajc2Hmd/9nIGqrn+71cvweXaIVHqmvRZ4TdYWD1vXiUuFHT4XAm7Rdj8jgGc4sEUvxUGLBuoj03F1sj07fxi1VxoJQ=二、 應(yīng)用系統(tǒng)集成1. 增加“蓋章”環(huán)節(jié)在應(yīng)用系統(tǒng)中增加“蓋章”環(huán)節(jié)，可以是一個(gè)頁(yè)面按鈕2. 在蓋章頁(yè)面中申明控件 蓋章頁(yè)面中 標(biāo)簽做如下配置： 在元素內(nèi)包含有對(duì)控件的引用 ，如下所示: 在元素內(nèi)必須包含有對(duì)引用控件的聲明,如下所示: 在使用控件的表單中實(shí)例化控件，并給予對(duì)象ID號(hào)：3. 調(diào)用SecSeal蓋章系統(tǒng)接口為“蓋章”環(huán)節(jié)編寫(xiě)代碼，SecSeal接口可以在頁(yè)面腳本中使用。調(diào)用代碼例子如下：function ExecOp(srcF,objF) /srcF為需要蓋章的文件地址，可以為遠(yuǎn)程地址如：/ABC.doc/也可以為本地地址，如：file:/c:/Temp/ABC.docvar job = null;job = OAFormEdcProxy.CreateJob();job.JobName = 編輯任務(wù);job.Operation = 0x5; /對(duì)word文件蓋章，同時(shí)輸出紅頭和黑頭job.ReadOnly = true;job.AutoExit = true; /操作完成后是否自動(dòng)退出if (! job.ExecEdit(srcF) ) alert( 文件蓋章失敗! );return;4. 判斷流程中需要蓋章的用戶 確定流程中需要蓋章及查看公文的用戶假設(shè)流程中張三對(duì)文檔蓋章，李四接收查看文檔。因此需要對(duì)張三和李四進(jìn)行授權(quán)。 搜索數(shù)據(jù)庫(kù)，找到這些用戶的證書(shū)內(nèi)容在應(yīng)用程序中，所有用戶表，找到張三和李四用戶對(duì)應(yīng)的證書(shū)內(nèi)容，賦值給變量。strCert1 =MIIDkDCCAvmgAwIBAgIQCzKMFmLhOvS6fDsleT0jojANBgkqhkiG9w0BAQUFADBxMRcwFQYDVQQDHg55j176dwGP0IQlAEMAQTEnMCUGA1UECh4eeY9e+ncBZXBbV1uJUWiLwU5me6F0BmcJllBRbFP4MQ8wDQYDVQQHHgZ5j13eXgIxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04wHhcNMDYwODA5MDIyMTIwWhcNMDgwODA5MDIyMTIwWjCBrjEPMA0GA1UEAx4GUhhmU2VPMRgwFgYDVQQLEw8zNTAxMTE4MTA2MTA1MDExDzANBgNVBAoeBo6rTv2LwTEPMA0GA1UEBx4GeY9d3l4CMSEwHwYDVQQHHhh5j13eXgJmS1uJUzpqH2dRADEAMQA0U/cxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04xHjAcBgkqhkiG9w0BCQETD2NjdHZidHhAMTYzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8FiUk/Fw7jZos5PAu4iKZLyWAN8HJ/2RIzzF3xT3iBzwz55FOpQQQdYAq8U6XR8er0njOzAqQ+rPbXCTS6LlKNoe4LNki2Sij4QApvHgljTkH7zBAVNERvsqK6Wr9KqJSF97RsyE1ai4bE9w1qypRBHVFLRLh6Y9untUE/WDNikCAwEAAaOB6jCB5zAfBgNVHSMEGDAWgBTWvcb/TgYDm1EXkukQiAVDvXdIMTAdBgNVHQ4EFgQU5p5zenmbmfJxnM/rYyRr2V9LHkswCwYDVR0PBAQDAgP4MAwGA1UdEwQFMAMBAQAwgYkGA1UdHwSBgTB/MH2ge6B5pHcwdTENMAsGA1UEAxMEY3JsMTEMMAoGA1UECxMDY3JsMQwwCgYDVQQLEwMxMTgxCjAIBgNVBAsTATExDTALBgNVBAoTBGZqY2ExDzANBgNVBAcTBmZ1emhvdTEPMA0GA1UECBMGZnVqaWFuMQswCQYDVQQGEwJjbjANBgkqhkiG9w0BAQUFAAOBgQCMzKB+7slIdw1dNY4GOEP8WPVpnHql+er27v4rowoOllfd+24z7RYYrisVwI5pbwfl+0JQ3r+6uLYODhm4O236rktH1HiPacDWx40wpRQVf4epXamNxy+A0jzEuU0UpM4qeC+gydUak9pFSo8hcFGFfAXFmZJkW0iIolEBlXRbLA=;strCert2=MIIDdTCCAt6gAwIBAgIQAkqRAuIsDVJ2i4A7Q7D/AzANBgkqhkiG9w0BAQUFADBxMRcwFQYDVQQDHg55j176dwGP0IQlAEMAQTEnMCUGA1UECh4eeY9e+ncBZXBbV1uJUWiLwU5me6F0BmcJllBRbFP4MQ8wDQYDVQQHHgZ5j13eXgIxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04wHhcNMDcwMzA1MDgwNzEyWhcNMDgwMzA0MDgwNzEyWjCBkzENMAsGA1UEAx4ElkiNOzEbMBkGA1UECxMSMzUwMTExMTk4MjA5MTE0NzQ4MQ8wDQYDVQQKHgaOq079i8ExJTAjBgNVBAceHHmPXvpR73J5T+Fgb1uJUWhigGcvZwmWUFFsU/gxDzANBgNVBAceBnmPXd5eAjEPMA0GA1UECB4GeY9e+ncBMQswCQYDVQQGEwJDTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApDFUde+Ibgq66pSMbpQcfwUkWO9QjwKV0YpQSs9JzFFVDFUTIA0loTNkSI+KV9tCBN2+VxAJ9c/0geifISo1arkPwXQUDwxj8FPP3MkY+yhBX8xI4w+eGgGS1ZpJo19oH3lF1h+D4wUqS4uCNw4tWukxh4Q89hr77ho/xc1K5IcCAwEAAaOB6jCB5zAfBgNVHSMEGDAWgBTWvcb/TgYDm1EXkukQiAVDvXdIMTAdBgNVHQ4EFgQUD1nwVcYEFMmBwmOwAMdyRwKLzH0wCwYDVR0PBAQDAgP4MAwGA1UdEwQFMAMBAQAwgYkGA1UdHwSBgTB/MH2ge6B5pHcwdTELMAkGA1UEBhMCY24xDzANBgNVBAgTBmZ1amlhbjEPMA0GA1UEBxMGZnV6aG91MQ0wCwYDVQQKEwRmamNhMQowCAYDVQQLEwExMQwwCgYDVQQLEwMxMTgxDDAKBgNVBAsTA2NybDENMAsGA1UEAxMEY3JsMjANBgkqhkiG9w0BAQUFAAOBgQC7Hn/VaJUnUkBOqLGdyNHBOsdmgySg29Uf7lZBS5hTD1KDuSeq9ThGOtpsUFZHUCFm9FXATl4a7EzYBNiPiholoarfC+45amhQoZ83j8/kBJoDvs+Q43UGWlhrjN+eqRxkSbX/M8ElJhKVlrOoVcqLGMra5qPV5Stbt5byEUrRig=;5. 參數(shù)傳入安全公文授權(quán)證書(shū)在程序中，使用ImportCerts方法把證書(shū)內(nèi)容傳入，多個(gè)證書(shū)之間使用“,”分隔。調(diào)用代碼例子如下：function ExecOp(srcF,objF) /srcF為需要蓋章的文件地址，可以為遠(yuǎn)程地址如：/ABC.doc/也可以為本地地址，如：file:/c:/Temp/ABC.docvar job = null;job = OAFormEdcProxy.CreateJob();job.JobName = 編輯任務(wù);job.Operation = 0x5; /對(duì)word文件蓋章，同時(shí)輸出紅頭和黑頭job.ReadOnly = true;job.AutoExit = true; /操作完成后是否自動(dòng)退出var strCerts;var strCert1, strCert2;strCert1 =MIIDkDCCAvmgAwIBAgIQCzKMFmLhOvS6fDsleT0jojANBgkqhkiG9w0BAQUFADBxMRcwFQYDVQQDHg55j176dwGP0IQlAEMAQTEnMCUGA1UECh4eeY9e+ncBZXBbV1uJUWiLwU5me6F0BmcJllBRbFP4MQ8wDQYDVQQHHgZ5j13eXgIxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04wHhcNMDYwODA5MDIyMTIwWhcNMDgwODA5MDIyMTIwWjCBrjEPMA0GA1UEAx4GUhhmU2VPMRgwFgYDVQQLEw8zNTAxMTE4MTA2MTA1MDExDzANBgNVBAoeBo6rTv2LwTEPMA0GA1UEBx4GeY9d3l4CMSEwHwYDVQQHHhh5j13eXgJmS1uJUzpqH2dRADEAMQA0U/cxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04xHjAcBgkqhkiG9w0BCQETD2NjdHZidHhAMTYzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8FiUk/Fw7jZos5PAu4iKZLyWAN8HJ/2RIzzF3xT3iBzwz55FOpQQQdYAq8U6XR8er0njOzAqQ+rPbXCTS6LlKNoe4LNki2Sij4QApvHgljTkH7zBAVNERvsqK6Wr9KqJSF97RsyE1ai4bE9w1qypRBHVFLRLh6Y9untUE/WDNikCAwEAAaOB6jCB5zAfBgNVHSMEGDAWgBTWvcb/TgYDm1EXkukQiAVDvXdIMTAdBgNVHQ4EFgQU5p5zenmbmfJxnM/rYyRr2V9LHkswCwYDVR0PBAQDAgP4MAwGA1UdEwQFMAMBAQAwgYkGA1UdHwSBgTB/MH2ge6B5pHcwdTENMAsGA1UEAxMEY3JsMTEMMAoGA1UECxMDY3JsMQwwCgYDVQQLEwMxMTgxCjAIBgNVBAsTATExDTALBgNVBAoTBGZqY2ExDzANBgNVBAcTBmZ1emhvdTEPMA0GA1UECBMGZnVqaWFuMQswCQYDVQQGEwJjbjANBgkqhkiG9w0BAQUFAAOBgQCMzKB+7slIdw1dNY4GOEP8WPVpnHql+er27v4rowoOllfd+24z7RYYrisVwI5pbwfl+0JQ3r+6uLYODhm4O236rktH1HiPacDWx40wpRQVf4epXamNxy+A0jzEuU0UpM4qeC+gydUak9pFSo8hcFGFfAXFmZJkW0iIolEBlXRbLA=;strCert2=MIIDdTCCAt6gAwIBAgIQAkqRAuIsDVJ2i4A7Q7D/AzANBgkqhkiG9w0BAQUFADBxMRcwFQYDVQQDHg55j176dwGP0IQlAEMAQTEnMCUGA1UECh4eeY9e+ncBZXBbV1uJUWiLwU5me6F0BmcJllBRbFP4MQ8wDQYDVQQHHgZ5j13eXgIxDzANBgNVBAgeBnmPXvp3ATELMAkGA1UEBhMCQ04wHhcNMDcwMzA1MDgwNzEyWhcNMDgwMzA0MDgwNzEyWjCBkzENMAsGA1UEAx4ElkiNOzEbMBkGA1UECxMSMzUwMTExMTk4MjA5MTE0NzQ4MQ8wDQYDVQQKHgaOq079i8ExJTAjBgNVBAceHHmPXvpR73J5T+Fgb1uJUWhigGcvZwmWUFFsU/gxDzANBgNVBAceBnmPXd5eAjEPMA0GA1UECB4GeY9e+ncBMQswCQYDVQQGEwJDTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApDFUde+Ibgq66pSMbpQcfwUkWO9QjwKV0YpQSs9JzFFVDFUTIA0loTNkSI+KV9tCBN2+VxAJ9c/0geifISo1arkPwXQUDwxj8FPP3MkY+yhBX8xI4w+eGgGS1ZpJo19oH3lF1h+D4wUqS4uCNw4tWukxh4Q89hr77ho/xc1K5IcCAwEAAaOB6jCB5zAfBgNVHSMEGDAWgBTWvcb/TgYDm1EXkukQiAVDvXdIMTAdBgNVHQ4EFgQUD1nwVcYEFMmBwmOwAMdyRwKLzH0wCwYDVR0PBAQDAgP4MAwGA1UdEwQFMAMBAQAwgYkGA1UdHwSBgTB/MH2ge6B5pHcwdTELMAkGA1UEBhMCY24xDzANBgNVBAgTBmZ1amlhbjEPMA0GA1UEBxMGZnV6aG91MQ0wCwYDVQQKEwRmamNhMQowCAYDVQQLEwExMQwwCgYDVQQLEwMxMTgxDDAKBgNVBAsTA2NybDENMAsGA1UEAxMEY3JsMjANBgkqhkiG9w0BAQUFAAOBgQC7Hn/VaJUnUkBOqLGdyNHBOsdmgySg29Uf7lZBS5hTD1KDuSeq9ThGOtpsUFZHUCFm9FXATl4a7EzYBNiPiholoarfC+45amhQoZ83j8/kBJoDvs+Q43UGWlhrjN+eqRxkSbX/M8ElJhKVlrOoVcqLGMra5qPV5Stbt5byEUrRig=;strCerts = strCert1;strCerts = strCerts + ,;strCerts = strCerts + strCert2;job.ImportCerts(strCerts);if (! job.ExecEdit(srcF) ) alert( 文件蓋章失敗! );return;6. 設(shè)定聯(lián)合蓋章權(quán)限注意：使用ImportCerts方法導(dǎo)入的證書(shū)默認(rèn)可以進(jìn)行聯(lián)合蓋章，如果需要控制其中部分用戶不能對(duì)公文蓋章和批注，可以有兩種方法：A. 在設(shè)置界面手工設(shè)置不允許聯(lián)合蓋章B. 使用策略文件制定部分用戶不允許蓋章 蓋章系統(tǒng)默認(rèn)不允許授權(quán)人員對(duì)文檔聯(lián)合蓋章，如下圖所示：可以通過(guò)雙擊的方式來(lái)修改是否允許聯(lián)合蓋章 使用ImportCerts方法導(dǎo)入的證書(shū)，默認(rèn)允許蓋章。使用策略文件設(shè)定聯(lián)合蓋章權(quán)限 便利function ExecOp(srcF,objF) /srcF為需要蓋章的文件地址，可以為遠(yuǎn)程地址如：/ABC.doc/也可以為本地地址，如：file:/c:/Temp/ABC.docvar job = null;job = OAFormEdcProxy.CreateJob();job.JobName = 編輯任務(wù);job.Operation = 0x5; /對(duì)word文件蓋章，同時(shí)輸出紅頭和黑頭job.ReadOnly = true;job.AutoExit = true; /操作完成后是否自動(dòng)退出var strCerts;var strCert1, strCert2;strCerts = strCert1 + ,+ strCert2;job.ImportCerts(strCerts);nCertCount = job.GetImportedCertCount();for( nI=0; nInCertCount; nI+ ) nRet = job.SetCertItemValue( nI,_USER_ENABLE_COMBINE_SEAL_STATE, 0); /設(shè)置是否允許聯(lián)合蓋章，如果值為0不允許，值為1允許。var strXmlFile;strXmlFile = job.OutCertItemsToXml(); /生成用戶策略文件alert(用戶策略文件: + strXmlFile );job.StrategyFile = strXmlFile; /使用策略文件if (! job.ExecEdit(srcF) ) alert( 文件蓋章失敗! );return;設(shè)置完成后，效果如下所示：7. 判斷用戶是否完成操作ExecEdit方法調(diào)用蓋章系統(tǒng)，并返回蓋章是否成功，ExecSave方法執(zhí)行保存蓋章形成后的文件。如果這兩個(gè)方法調(diào)用不返回錯(cuò)誤，則表示用戶蓋章正常完成；如果返回錯(cuò)誤，則表示用戶在蓋章過(guò)程中取消了操作。調(diào)用代碼例子如下：function ExecOp(srcF,objF) /srcF為需要蓋章的文件地址，可以為遠(yuǎn)程地址如：/ABC.doc/也可以為本地地址，如：file:/c:/Temp/ABC.docvar job = null;job = OAFormEdcProxy.CreateJob();job.JobName = 編輯任務(wù);job.Operation = 0x5; /對(duì)word文件蓋章，同時(shí)輸出紅頭和黑頭job.ReadOnly = true;job.AutoExit = true; /操作完成后是否自動(dòng)退出/證書(shū)導(dǎo)入處理方法if (! job.ExecEdit(srcF) ) alert( 文件蓋章失敗! );return;if (! job.ExecSave(objF) ) /objF為要保存的文件名alert( 保存已件蓋章公文失敗! );return;8. 獲取形成文件路徑使用SavedEdcFile和SavedBdcFile屬性，可以獲得蓋章完成后形成的紅頭文件和抄送文件本地保存臨時(shí)路徑。調(diào)用代碼例子如下：function ExecOp(srcF,objF) /srcF為需要蓋章的文件地址，可以為遠(yuǎn)程地址如：/ABC.doc/也可以為本地地址，如：file:/c:/Temp/ABC.docvar job = null;job = OAFormEdcProxy.CreateJob();job.JobName = 編輯任務(wù);job.Operation = 0x5; /對(duì)word文件蓋章，同時(shí)輸出紅頭和黑頭job.ReadOnly = true;job.AutoExit = true; /操作完成后是否自動(dòng)退出/證書(shū)導(dǎo)入處理方法if (! job.ExecEdit(srcF) ) alert( 文件蓋章失敗! );return;if (! job.ExecSave(objF) ) /objF為要保存的文件名alert( 保存已件蓋章公文失敗! );return;var strEdc = job.SavedEdcFile; /紅頭文件本地保存路徑var strBdc = job.SavedBdcFile; /黑頭文件本地保存路徑document.O