ec4u implements Oracle SOA Suite and AIA Foundation Pack at Swiss insurance company
Sympany, with its head office in Basel, grew out of the ÖKK Basel and other health insurers. In 2012, Sympany earned premiums of CHF 994 million and had a profit of CHF 16.3 million. Sympany’s roughly 550 employees serve over 227,000 private customers, of which about 189,000 have basic insurance policies. Its corporate clientele comprises approximately 12,200 companies.
A great success of the collaboration between Sympany and ec4u expert consulting (schweiz) ag could be documented on 2nd April 2013, the Go Live of the SYBACON program.
Since this Go Live the SOA Suite is the main integration platform, excluding batch processing. ec4u supported Sympany to implement services with Oracle SOA Suite and AIA Foundation Pack. The figure shows the applications which had to be integrated with Oracle Fusion Middleware.
During the project, different challenges came up. To keep it simple we will focus on the two applications – Syrius ERP and legodo Customer Communication Suite (CCS) – and the three most important integration use cases.
- Syrius ERP Outbound Services with proprietary security header
- Syrius ERP Inbound Services with know-how of implementation details
- legodo CCS Inbound Service with complex data hierarchy
Not quite a standard integration pattern was the adcubum Syrius Outbound Service to access the archive system. The great challenge was the security information for authentication within the SOAP Header. We could choose between:
- WSS Username Token Profile
- Proprietary Security Header based on WSS Binary Security Token
We decided to define the proprietary security header as the solution, to prevent that the password is transported in clear text. Thus the difficulty was to use a Security Policy with Oracle Web Service Manager (OWSM) and the Syrius security header. A definition of a custom security policy points to a custom Java Security Assertion, which is deployed to WebLogic Server. The Security Assertion analyses the message structure and verifies the username. Afterwards the user is being checked against Web Logic realm configurations and a security context is created. Based on the security context the whole AIA Flow can now provide the right username to the participating systems, e.g. archive system.
A business critical process is supported by global Syrius ERP inbound services. The services are part of activity management (AM) and support creation and start of workflows and events. The authentication uses a fix admin user and exchange via WSS Username Token Profile. The username is configured as credentials in Oracle SOA Suite. The collaboration between the Syrius team and the integration project team to define the interface was very close. The reason for this is the low abstraction within the service interface, like the implementation details, e.g. business object id from Syrius DB table. Finally we implemented three services for the AM process and now are able to perform more than 10000 requests per day.
The last point mentioned is the CCS inbound service. The service is a trigger for the Syrius outbound service and is used to create customer correspondence with legodo CCS. It was not a technical issue but rather a business challenge to understand the data structure of Syrius and what is needed for the correspondence in CCS. The Application Business Object held elements like policy holder, recipient of benefits, insured persons and many more. Based on this specific data structure a custom Enterprise Business Object (EBO) built on common AIA EBOs and datatypes was created to transport the message. Hence the SOA Suite transfers the message and replies a correspondence session to Syrius.
The cooperative collaboration between Sympany and ec4u resulted in a modern, flexible and scalable integration platform based on Oracle SOA Suite and AIA.
If you have any questions or comments, don’t hesitate to contact firstname.lastname@example.org.