mendelson AS4 Software




Features



Overview


AS4 offers secure B2B document exchange based on web services and was developed by a subcommittee of the Technical Committee of OASIS ebXML Messaging Services. AS4 is similar to AS2 in many ways, but works in a web services context and adds advanced interaction patterns and receipts for message-based business transfer.


AS4 is characterized by the following features:

  • Acknowledgment mechanisms and reliable messaging, which allow a message to be resent if it is lost
  • Secure data exchange via password authentication, digital signature and encryption
  • Compression and transmission of large volumes of data
  • Patterns for message exchanges that allow a rich variety of interactions between sender and receiver


The mendelson AS4 server is an out-of-the-box solution that supports the AS4 usage profiles ebMS 3.0 AS4, ENTSOG AS4 and e-SENS AS4. You can either pull or push any kind of data, with full encryption, signature and TLS support.

Technical

  • PUSH messages
  • PULL messages
  • Key and certificate management
  • Partner management
  • Digital signatures, detailed settings for SOAP structure signature and payload signature
  • Message encryption, detailed settings for SOAP structure encryption and payload encryption
  • Supports fully encrypted SOAP data
  • UsernameToken authentication
  • ENTSOG AS4 Usage Profile support
  • ebMS AS4 Usage Profile support
  • e-SENS AS4 Usage Profile Support
  • Usage Profile selectable per user
  • Multiple local identities
  • Full support for message bundling
  • Secure transport (TLS 1.2)
  • Support for SSL client authentication
  • System task to auto clear old log entries
  • Multinational support: Localized to German and English
  • Customizable local directory poll processes
  • Customizable remote partner poll processes (PULL request)
  • Local MPC (message processing queue), configurable per partner
  • Sync and async Receipt Signal support

Integration

  • Easy integration to existing systems, using a partner based file system interface
  • Integrated scheduler picks up data from directories
  • Message post processing (scripting on receipt)
  • Pluggable into any servlet container like Tomcat, Jetty, ... - contains an integrated Jetty webserver


Monitoring

  • Email event notification


Encryption, Signatures and Security Token Authentication

Encryption

Supports WSS 1.1, WSS X.509 Certificate Token Profile. The following encryption algorithms are supported:

  • AES_128
  • AES_128_GCM
  • AES_192
  • AES_192_GCM
  • AES_256
  • AES_256_GCM
  • CAMELLIA_128
  • CAMELLIA_192
  • CAMELLIA_256
  • RIPEMD_160
  • RSA_OAEP
  • RSA_OAEP_11
  • RSA_v1dot5
  • 3DES


Signature

Supports WSS 1.1 [SOAPATTACH], Attachment-Content-Only transform, Attachment-Complete transform. The following hash algorithms are supported:

  • MD5
  • MAC_HMAC_RIPEMD160
  • MAC_HMAC_SHA1
  • MAC_HMAC_SHA224
  • MAC_HMAC_SHA256
  • MAC_HMAC_SHA384
  • MAC_HMAC_SHA512
  • DSA_SHA256
  • ECDSA_RIPEMD160
  • ECDSA_SHA1
  • ECDSA_SHA224
  • ECDSA_SHA256
  • ECDSA_SHA384
  • ECDSA_SHA512
  • RSA_MD5
  • RSA_RIPEMD160
  • RSA_SHA1
  • RSA_SHA1_MGF1
  • RSA_SHA224
  • RSA_SHA224_MGF1
  • RSA_SHA256
  • RSA_SHA256_MGF1
  • RSA_SHA384
  • RSA_SHA384_MGF1
  • RSA_SHA512
  • RSA_SHA512_MGF1


Security Token Authentication

Supports WSS Username Token Profile and wsse:PasswordText-type



Accepted certificates

  • Trusted certificates, self signed certificates
  • SHA-1 signed certificates, SHA-2 signed certificates
  • Trusted by any CA

Architecture

mendelson AS4 can send AS4 messages to and receive them from trading partners via HTTP and HTTPS.

An additional poll thread runs for every partner. It polls special per-partner directories and sends matching files to the mendelson AS4 server. An internal pull destination (mpc, message processing channel) can be set up per partner to allow the processing of PULL Request signals from other AS4 systems.

Please have a look at the following diagram for an overview of the components included in the mendelson AS4 package. All these components are installed out of the box if you use the installer. The main architectural difference between the commercial version and the community version (open source) is that in the commercial version the user interface and the AS4 server run in different processes and can even run on different machines/operating systems, while the server can run as a service. The community version acts as a desktop system: user interface and server run in the same process.


AS4 Server:
The server is the core component. It is responsible for transaction processing and takes care of encryption, digital signatures and communication with all the other components.

AS4 Client (Rich client)
The AS4 client contains the transaction management, partner management and certificate management (commercial version only). It lets you set all server properties and configure the system.

Database
The database server stores all information about the transactions and the master data of partners, subjects etc.

HTTP Server:
The HTTP server acts as a servlet container for the message receipt servlet. It also hosts some information pages. The servlet sends received messages to the server. An HTTP server is included in the installation package, but it is also possible to deploy the AS4 receiver in any other servlet container.

AS4 Sender:
This component sends AS4 messages and signals to the trading partner. It also receives AS4 data (Signals, User Messages) on the back channel.

Notification:
Sends a notification via mail if any event occurs that requires user interaction.