In this talk, come to learn about Broadridge Integrated Services for web applications - a suite of web applications, web services and java libraries that can be mainly categorized as:
Web Integrated Services: These applications provide a common integration framework, enable UI standards across products for a client and provide set of development components/utility tools that can be used across applications.
Federated Services: These applications handle the tasks related to authentication and authorization.
4. About Broadridge
Key locations in North America, Europe and Asia
Frankfurt
Prague
Toronto London Zürich
Geneva
New York
Tokyo
New Jersey
Hyderabad
Hong Kong
Singapore
Sydney
Johannesburg
5. About Broadridge
• A leading global provider of technology-based solutions to the financial
services industry in
– Investor Communication
– Securities Processing
– Clearing and Outsourcing
• Over $2.2 billion USD annual revenues
• Market leader in enabling secure and accurate processing of information
for communications and securities transactions among issuers, investors
and financial intermediaries.
• Broadridge builds the infrastructure that underpins proxy services for over
90% of public companies and mutual funds in North America
• A 1000+ associate strong team in Hyderabad
5
6. Nature of Business growth
• 7 major acquisitions by Broadridge from
2008
• Head start and existing client base being the
main reason
• Technologies range from Mainframes to Java
to .NET
• Internal projects for business growth using
latest technologies
6
7. Driving point for integration
Impact of Acquisitions on Broadridge
• Single sign on for all the products of
Broadridge
• All related products should look like a
single product to the client
• Common look and feel across products
• Reuse of standard components
• Easy sales
7
9. Types of Web Integration
• Integration at the presentation layer. This layer is the human user
interface, either web-based or a platform-specific GUI or terminal
interface. Integration at the presentation layer lets have to access to a user
interface of a remote application.
• Integration at the functional layer. This type of integration provides direct
access to business logic of applications. It is attained by interaction
between applications and API or by interaction with web services.
• Integration at the data layer. In this case we mean access to one or more
databases used by a remote application
• Complex integration. Commerce solutions of web-integration as a rule
include all three types of integration
9
14. Broadridge Federated Services
A suite of web applications, web services and Java libraries providing a
common application integration framework
• Chrome Server - is a web application responsible for providing common UI
elements to other federated web applications.
– Navigation Controls
– Customization – look & feel
– Utility programs & Development tool kit
• Auth Server - handles both authentication and authorization (hence ‘Auth’)
functions for applications in the federation
– Single sign-on
– Integration
– Administration
14
16. Auth Server
Authentication
• Authentication is handled
externally by SiteMinder or other
authentication mechanism
• SiteMinder provides
authentication and identity
management
• Single Log Off
16
17. Auth Server
Authorization
• Central source of feature entitlements and other limited user information
• Modeled with Security Profiles, Components and Groups
– Component – a feature or groups of features, in any application, that can be
enabled or disable for a user
– Security Profile – a named collection of enabled or disabled Components that
can be assigned to a user
• Equivalent to a “Role”
– Group – a named collection of users
• Available to applications via web service API
• Managed via web interface for use by system and firm administrators
• Data entitlements are expected to be handled by each application
17
18. Auth Server
Authorization
• Components can contain other Components with unlimited nesting
– Visualized as a tree
– Examples of Components:
• An application, a set of related pages/functions in an application, a single page, an
element within a page
– Nesting of Components eases administration of entitlements
– Each Component has a unique, well-known ID
• Security Profiles organizes Component settings into named groups that are
assigned to users to define their feature entitlements
– Each user is assigned one profile, but a profile can be assigned to many users
• Ex. “Advisor”, “Administrator”
– Can inherit their Component settings from other profiles
18
19. Auth Server
Integration
• Applications can “Tightly” or “Loosely” integrated with BFS
• Context Sharing
– Context sharing is done through Push/Pull through web service between applications
and Auth Server
– Context is stored in BFS DB between user sessions, so user can resume work the next
day where they left off the night before.
• Session Management
– Auth Server is the first point of entry for all logins
– Established BFS session which is tracked across applications
– Handles SLO (Single Log Off) – logs user out of all applications that they have visited.
19
20. Auth Server
Administration
• Provides multiple roles like System Administrator and Firm Administrator
• Following features are provided
– Manage Institutions
• Establish new Institutions
• Enable, at a Institution level, the set of Components purchased by the institution.
• Set up root security profiles - one for each type of user expected to use the system
• Assign administrators
– Manage Applications
– Define Components
– Define Security Profiles
– Edit Profiles feature entitlements
– Create of Users
– Define Menus
20
21. Chrome Server
Look & Feel
• UI elements provided: Style Sheets, JavaScript , Static HTML, Dynamic
HTML (menus & site map), Resource Bundles (which support I18N) and
Images
• HTML Fragments for top, bottom, left and right regions
• Any resource or HTML fragment can be overridden on a firm-by-firm basis
• Whenever a resource or HTML fragment is requested, Chrome Server first
looks for a firm-specific version. If found it is used; if not, the default is
used.
• For resource bundles, firms can override individual name/value pairs – the
whole resource bundle does not need to be redefined.
21
22. Chrome Server
Look & Feel
• Each federated application must
implement the basic layout in their
chosen technology (JSP, .NET, etc.)
• <DIV> based layout
• Fragments from Chrome Server may be
empty
• e.g.. Left would probably be empty
for tabbed navigation
22
23. Chrome Server
Navigation Controls
• Entitlement-aware menus are rendered dynamically
– Menu definition for role is read from DB then intersected with user’s
Security Profile to “prune” menu items to which the user is not entitled
• Different types of menus can be rendered
– Currently supported menu types:
• Single-level tabs with flyout
• Two-level tabs with pull-down/pull-over
• Left-side tree
• Plug-in architecture for menu rendering allows easy addition of new
menu styles
• Menus added to page fragments using JSP custom tag
– Menu style specified using attribute
• Site Map is derived from menu definition so always matches the menu’s
layout
23
24. Chrome Server
Development Kit
• Common widgets to simplify application programs
– Grid control
– Complex directory or search widget
– Allows applications to gain new capabilities as widgets gain new capabilities
• Utilities and libraries for corporate defined guidelines
• Integrate with third party tools
24
25. Web services
Used by applications that are tightly integrated to BFS, Web
services provide interfaces to the Chrome and Auth Servers.
– From Auth Server
• User information such as user id, institution id, client id
• User role
• User entitlement
• Context data
• Application lifecycle events
– From Chrome Server
• HTML Fragments (Top, bottom, left and right regions)
• Common style sheets
• Common controls
25
26. Integration with Liferay
Case Study
• Invoke Liferay services from the BFS
• Send data to Portlets from the BFS and get the response back
• Host Liferay on the BFS Application server
• Use BFS as a container to display Liferay portal
26
27. Conclusion
• One of the major products integrated with BFS and went live for a client
• Prototyping done for various other internal products
• Case study on integration with external portals like Liferay being done.
27