DESIGN AND IMPLEMENTATION OF AN INTEGRATED WEB

SERVICE ARCHITECTURE

Alina Andreica

, Daniel Stuparu

, Romulus Gadi

, Florina Covaci

, Cosmin Tarţa

Grigorie Bogdan Mărcuş

, Gabriel Pop

and Ovidiu Teodorescu

IT Department, Babes-Bolyai University, Cluj-Napoca, Romania

Net Brinel SA, Cluj-Napoca, Romania

Keywords: Web services, Information system integration, Web portal, Database synchronization, e-Learning.

Abstract: The paper presents the design and implementation of a web service architecture for providing e-learning and

dedicated information system facilities. The web portal we describe is a solution for information system

integration, based on a single-sign on authentication framework and database synchronization facilities. The

solution is based on MS technology and provides integrated e-learning and dedicated information systems

facilities. User category permissions for accessing the portal services – both for the genuine portal

functionalities and for the dedicated information system ones – are modelled based on specific groups that

are retained in a global database. We consider that the solution we propose has a good generality degree and

may be applied in various organization cases.

1 INTRODUCTION

Within the knowledge based society, information

technologies strongly impact on the organizational

management, academic institutions and learning

processes (Webster et al) by means of dedicated

information systems. Information system integration

has been tackled in the literature especially for

business and organizational processes (Hasselbring,

2000), (Hasselbring et al, 2005).

The problem of managing uniform user identities

in organization is addressed in (Shaw, 2011), since

different identities have to be associated to specific

user roles within organizations, and the problem can

become fairly complex if different information

systems are used. (Shaw, 2011) presents a

management access system in which for a

framework with different user identities in specific

information systems (Quest OneIdentity Solution).

The solution relies in building an unified identity

and access management system – IAM within th

eorganization, consolidating multiple identities in

one (integrated) identity.

The IAM approach simplifies identity access and

management within the organization, improves

security and productivity, as well as single sign on,

role management, multiple authentication and

password management facilities. IAM complexity

may be managed with: point solutions, which

implement a password reset within a system and

then synchronizes it with the others) or IAM

frameworks, which implement a specific IAM

solution based on aalready developed frameworks:

IBM (Tivoli Identity Manager), Oracle , Novell, MS

Forefront Identity Manager (Identity Lifecyle

Manager) – approach that our paper complies.

The present paper aims at describing the design

principles of a system integration framework for

providing dedicated information system facilities as

web services into a global portal, together with

single-sign on and database synchronization

facilities. Compared to our previous papers on the

same topic, which were more oriented on the

existing information systems, (Andreica et. al 2009;

2010), this paper focuses on general architecture

principles and applicability frameworks and

intoduces supplemental implementation details. The

web portal functionalities include content sharing

and communication facilities that may be used as

advanced cooperation or learning tools. The solution

we present is based on MS technology and provides

means of integrating various information systems,

using different technologies (php / postgresql, asp /

MS sql). We describe an integrated architecture

631

Andreica A., Stuparu D., Gadi R., Covaci F., Tar¸ta C., M

arcu¸s G., Pop G. and Teodorescu O..

DESIGN AND IMPLEMENTATION OF AN INTEGRATED WEB SERVICE ARCHITECTURE.

DOI: 10.5220/0003477606310637

In Proceedings of the 7th International Conference on Web Information Systems and Technologies (WSPA-2011), pages 631-637

ISBN: 978-989-8425-51-5

 2011 SCITEPRESS (Science and Technology Publications, Lda.)

based on ILM Microsoft server, and additional

interface modules, used in order to integrate

dedicated information systems into a single sign-on

architecture

The content sharing and communication facilities

are provided based on SharePoint Portal

functionalities; they can be customized in an

advanced manner as e-learning facilities.

The solution includes synchronization tools for

the information systems’ databases and implements

a systematic permission scheme based on user

groups and categories that are retained into a global

database.

Section 2 describes the system integration

principles of the single sign-on architecture

framework and some implementation insights. In

section 3, we address the database synchronization

principles, focusing on the most important

implementation characteristics. Section 4 presents

the web services that are available within the

integrated architecture: sharing & communication /

learning facilities and dedicated information

facilities and the extensibility characteristics of the

solution we propose. The conclusions section reveals

the most important contributions of the paper.

Figure 1: System integration architecture.

This work is supported by the EU funded grant, within the

European Fund for Regional Development, “CCE

124/323/31.08.2009 SMIS 4424 - Sistem electronic

aplicativ integrat de educaţie al Universităţii Babeş-Bolyai”

- BBU – Integrated applied electronic system for education

of Babes-Bolyai University, contracted by BBU with the

Romanian Ministry of Communication and Information

Society, Organismul Intermediar pentru Promovarea

Societăţii Informaţionale (Intermediary Structure for

Promoting the Information Society), 31-08-2009 – 31-08-

2011

2 ARCHITECTURE PRINCIPLES

AND SINGLE SIGN-ON

FRAMEWORK

The architecture we propose – see figure 1 – is based

on MS technology; we use an ILM – Identity

Lifecycle Management – type server ensuring single

sign-on capabilities and uniform interface to the

dedicated information systems. Therefore, these

dedicated facilities will be mapped into the portal,

together with supplemental web services – see 4.

In order to access the dedicated information

system facilities, we selected the user categories that

have specific functionalities and designed, for each,

an “access point” into the portal. Authentication is

performed by the same account and password into

the portal and into the information systems, i.e.

credentials are the same for the portal and the

accessed information systems. After portal login and

credentials check, the logon information is retained

as current session variables and further passed on

towards the information systems; access points are

designed in respect with the account permissions (in

our case, user categories are students, academic staff

and / or research staff, managers, secretariats). Each

user category may have one or more roles, based on

which we define access points into the dedicated

information systems. Credentials are passed on to

the accessed information system as session variables

and used in order to perform the authentication into

the dedicated systems as well

Permissions specific to each user category are

retained in a global database, created by

synchronizing the information systems’ databases

and adding all necessary information – see

(Andreica, Stuparu et al. 2010).

For example, in our case:

◊ students have access to their educational

path (AcademicInfo system, see 4) and learning

resources in view permissions (portal);

◊ academic staff access the disciplines they

teach and student grades (AcademicInfo system,

see 4) and associated learning resources in

design permissions; they also access the

facilities available in the Research management

system (research activity upload and syntheses)

and administrative facilities in ManageAsist

system;

◊ research staff have access to facilities

available in the Research management system

(research activity upload and syntheses) and

administrative facilities in ManageAsist system;

Authenticati

on server &

global database

Portal database

Information

system 1

Information

system n

…

Authentication

server & global

database

WEBIST 2011 - 7th International Conference on Web Information Systems and Technologies

632

Figure 2: Portal global architecture.

◊ managers have access to educational

syntheses (AcademicInfo system), research and

financial syntheses for the chart unit they

manage (chair, department, faculty, institute,

university) – within Research management

system, respectively ManageAsist system

The global database solves database synchronization

problems (see 3) for various database management

systems. The global architecture for our organization

case is presented in fig. 2: ILM server is used as

global authentication server and accesses

information from the global database in order to

perform authentication (using AD mechanisms) and

to provide single sign on, e-mail and on-line

communication facilities (fig 2).

Permissions within the portal (see description

above) are implemented by means of dedicated

groups. AD is provided the necessary information

from the global database, using ILM as a

syncrhonization interface (see 3).

3 DATABASE

SYNCHRONIZATION

PRINCIPLES

The correctness of the single sign-on feature is

dependant of database consistency; therefore, a

database synchronization is required. The

synchronization process will include the information

systems’ databases and the portal database – figure 2

Database synchronization ensures the global

database consistency and, consequently, updates

access permission information both for the portal

and the information systems; credentials logged in

the portal will therefore be verifiable, within the

global database, in respect with their permissions in

the dedicated information systems.

The synchronization process is based on the

dataflow sequences that occur in information

processing; these sequences have to be defined in

each organization case. In our case, the data

workflow involves (see figure 3):

1. organization chart and user tables are replicated

from ManageAsist into the global database;

DESIGN AND IMPLEMENTATION OF AN INTEGRATED WEB SERVICE ARCHITECTURE

633

2. 3. these tables are afterwards sent into Research

Management and AcademicInfo databases;

4. grant tables are replicated from Research

Management into the global database;

5. these tables are afterwards sent into

ManageAsist database;

6. students, disciplines, educational information

tables are transferred from AcademicInfo into

the global database; and fee tables are

transferred from AcademicInfo into the global

database;

7. these tables are afterwards sent into

ManageAsist database

Figure 3: Database synchronization stages.

We note that a special entity case is the one of PhD

students, who are both students – in doctoral

schools, and academic / research staff – with

research activity and sometimes also didactic

activity.

Table synchronization is performed by using a

dedicated field in each table, which retains if the

corresponding record was synchronized, ie.

transferred into the destination database: the global

database for data coming from the information

systems’ databases or the information systems’

databases for data coming from the global database.

We note that the solution which builds a global

synchronized database ensures significant autonomy

functional advantages for the information systems,

compared to a direct Active Directory integration.

In our case, the global database synchronization

is involves 2 database management systems

(PostgreSQL for ManageAsist and Research

Management System and MS SQL Server for

AcademicInfo) – see (Andreica, Ghetie et. al, 2010)

for details.

Figure 4: Database synchronization scheme.

The synchronization solution implements:

replications, SQL Server Integrations Services (MS

SQL web), triggers, stored procedures and jobs.

In order to perform the global authentication, we

use MS Identity Lifecycle Management server,

which has advanced integration facilities with our e-

learning portal, and we are configuring the necessary

permission mappings from the dedicated information

systems into the authentication server in order to

complete the integration facilities. The information

system authentication is performed by dedicated

interfaces which transfer credentials from the portal

into each system – see section 2.

More specifically, a supplemental

synchronization is performed via the ILM server

(MS SQL web) between the global database - GDB

and the AD information. In this respect, we use

ILM’s connector space (MS SQL web) and two

dedicated agents which transfer information from

the global database, respectively from AD into the

connector space, compare it and synchronize the

updated information from GDB into AD, updating

therefore the necessary information in order to apply

correct permissions within the portal access

4 WEB SERVICES AND

EXTENSIBILITY PRINCIPLES

The web portal we describe provides various

services, integrating the sharing, communication and

e-learning functionalities with the ones provided by

the dedicated information systems. We further

describe these facilities and means of generalizing

the system’s architecture principles for various

organization cases.

4.1 e-Learning Facilities

In order to fulfil our university’s academic and

learning aims, we decided to provide into the global

portal specific functionalities regarding information

sharing, communication and advanced e-learning

WEBIST 2011 - 7th International Conference on Web Information Systems and Technologies

634

(Horton, 2003) facilities by integrating a SharePoint

portal into the global architecture.

The web-based e-learning facilities provided by

the described portal are therefore the SharePoint

(MS Sharepoint, web) built in ones, adapted to our

specific needs, and include: content management

and sharing, schedule management and sharing,

communication facilities (e-mail – OWA type,

discussion lists, etc.), evaluation tools and feed-back

facilities; task management, blog and RSS tools,

survey tools, as well as other functionalities. The

system is also open to adding new web-parts,

services or components (Andreica et. al, 2010).

The system is also open to adding new web-

parts, services or components; currently, we are

working on dedicated evaluation facilities that are

currently being integrated into the portal facilities.

On-line evaluations may be used both as individual

feed-back tests, in order to assess the students’

knowledge level at a certain point in the educational

path, or as final examinations. Various grading

algorithms are taken into consideration in a general

and customizable framework.

Our e-learning portal will also include virtual lab

facilities in order to support learning in experimental

sciences and sharing experimental knowledge by

electronic means. Virtual lab services model

processes that may be tedious to be accessed in real

conditions, or are accessed remotely. Application

fields include: process engineering, environmental

engineering, physics, chemistry, biology.

4.2 Dedicated Services Provided

by the Information Systems

Specific portal functionalities are provided by the

integrated information systems implemented in our

university, which are further described

AcademicInfo - http://academicinfo.ubbcluj.ro/Info

is an integrated information system dedicated to

managing educational information, with dedicated

processing facilities for secretariats, specific access

facilities for students (curricula and grade access, fee

management, student documents and requests, on-

line course evaluation), teachers (curricula and grade

management (for the activities that are conducted),

access to results of student evaluations) and

academic management, who can access relevant

synthesis regarding the educational process,

including results of student evaluations at faculty or

university levels. System facilities are detailed in

(Andreica, Stuparu et. al 2010).

ManageAsist system is the integrated software

system for administrative management that has been

developed for our university. The system can be

viewed as an ERP system; within its design and

implementation, we integrated systematic efficiency

principles in software design (Andreica et.al. 2009).

ManageAsist’s principles and facilities are

adapted for high education institutions; the system

contains the following modules: Document

management, Assets, Warehouse, Cashier, Finance,

Accountancy, Grants, Human Resources and

Acquisitions, and decision assistance facilities. Each

module contains management reports for the

corresponding compartment. Relevant synthesis

from each compartment will be integrated, together

with global management tools into a decision

support module.

The web services http://manageasist.ubbcluj.ro

include access to grant financial information and

management of acquisition request, including

specific reporting facilities for management levels.

Our Research Management System

http://infocercetare.ubbcluj.ro (Andreica et. al, 2008)

- is a web based system that we have developed and

implemented within Babes-Bolyai University’s

(BBU) in order to manage research activities. The

system offers, via web interfaces, accessible and

user-friendly means of collecting specific

information, and automatically performing

quantitative analyses, syntheses and evaluations

based on the collected information. The system is a

tool for quantitative research evaluation, its more

general aim being to ensure proficient management

of the research activity within BBU and supporting

the design of competitive strategies in the field.

4.3 Extensibility Principles

The solution we propose, based on MS technology

and ILM authentication server, may be applied in

various cases that require information system

integration. Moreover, such an architecture may be

enhanced with SharePoint facilities in order to

provide sharing, communication and e-learning

functionalities, which are often necessary within

organizations.

Considering we have available n information

systems, the software services that can be provided

into the web portal are represented in figure 5

DESIGN AND IMPLEMENTATION OF AN INTEGRATED WEB SERVICE ARCHITECTURE

635

Figure 5: Web portal services.

5 CONCLUSIONS

We describe the design and implementation

principles of a web portal that provides e-learning

services and dedicated information systems

facilities. The framework we present is an IAM

framework type solution according to (Shaw, 2011)

and represents an efficient integration solution for

synchronizing databases and integrating dedicated

information systems. The solution takes the

advantage of existing technologies, in our case, MS,

and provides means of integrating various

information systems by using a single authentication

server and mapping specific facilities from the

dedicated information systems, with different

database management systems, into the portal, for

each user category. This architecture is based on a

global integrated database and a permission mapping

scheme for ensuring appropriate access into the

dedicated information systems.

The system framework integrates various web

services that are provided within the portal: learning

facilities, virtual labs and dedicated information

facilities. This integration solution has a good

extensibility degree and may be applied in various

cases, ie. single log-on framework for integrating

dedicated information system services, as well as e-

learning, facilities.

ACKNOWLEDGEMENTS

We thank to the whole development team in our IT

department for their contribution to developing

ManageAsist, AcademicInfo, Research management

information systems and to administering the e-

learning portal: Călin Miu, Florentina Tufiş, Dan

Pop, Simona Nemeş, Monica Bojan, Carmen Pavel,

Ana Iuhos, Kerekes Hunor, Zölde Attila, Ana Bara.

REFERENCES

Allen, M., 2002, Guide to e-Learning. Wiley

Andreica, A., 2005, “Strategies in Implementing Efficient

Information Systems”, International Research on

Global Affairs, Athens Institute for Education

&Research, Ed. G. Papanikos, Athens, p.499-508

Andreica, A. B., Agachi, P. S., 2008, “Design and

Implementation of An Integrated Software System for

Managing Research Activities in Universities”, 7th

RoEduNet International Conference - Networking for

Research and Education, UT Press, Ed: E. Cebuc, p.

90-95

Andreica, A. B., Stuparu, D., Ghetie, F., 2009, “Design

and Implementation of an Erp System for

Universities”, Proceedings of IADIS Information

Systems 2009, IADIS Press, Eds: M. Nunes, P. Isaias,

P. Powell, p 315-322

Andreica, A. B., 2009, “Integrated Software Framework

for Academic Management” , IADIS Multiconference

on Computer Science and Information Systems -

Informatics, Algarve Portugal, 17-23 June 2009,

Proceedings of Informatics 2009 , IADIS Press, Ed:

Hans Weghorn, Jörg Roth, Pedro Isaias, p. 221-224

Andreica, A. B., Covaci, F., Stuparu, D, Pop, G., 2010,

“An E-Learning Web Portal with System Integration

Facilities”, Web Information Systems and

Technologies 2010, Valencia, Spain , Proceedings of

6th International Conference WEBIST , vol 1,

INSTICC, Ed: J. Filipe, J. Cordeiro , p. 131-136

Andreica, Alina Bianca, Stuparu Daniel, Ghetie Florina

Livia, Pop Gabriel, Imre Arpad, 2010, A Software

Services Framework for Providing E-learning and

Dedicated Information Systems Facilities, Workshop

on Software Services, Universitatea de Vest

TImisoara, Editor: Daniela Zaharie, Tetsuo Ida, P. 1-4

Andreica, Alina Bianca, Ghetie, Florina, Stuparu, Daniel,

Imre, Arpad, Pop, Gabriel, 2010, Integrated E-

Learning Web Services , Fourth International

Conference on Mobile Ubiquitous Computing,

Systems, Services and Technologies - October 25 - 30,

2010 - Florence, Italy, UBICOMM 2010 Electronic

Proceedings, IARIA, Ed: Jaime Lloret Mauri, Sergey

Baladin, Cosmin Dini, 978-1-61208-000-0, P. 0-5

Berry, M., Linoff, G., 2000, Mastering Data Mining, J.

Wiley & Sons

Client/Server and the N-Tier Model of Distributed

Computing, Micromax Information Services Ltd.,

1999

Gamma, E., Helm, R., Johnson, R., Vlissides, J., 2002,

Design Patterns, Teora

Hasselbring, W. , 2000 ”Information System Integration”.

Communications of the ACM, 43 (6). pp. 32-36

Hasselbring, Wilhelm and Pedersen, Susanne, 2005,

“Metamodelling of Domain-Specific Standards for

Semantic Interoperability”, Lecture Notes in Computer

Science, 3782, pp. 557 – 559

Horton, W., Horton, K., 2003, E-learning Tools and

Technologies: A consumer's guide for trainers,

teachers, educators and instructional designers, Wiley

WEBIST 2011 - 7th International Conference on Web Information Systems and Technologies

636

Shaw, J., "Unified and Intelligent Identity and Access

Management", Quest Software, White Paper, 2011

Singh, G., O'Donoghue, J. and Worton, H. , 2005, A Study

into the effects of e-Learning on higher education.

Journal of University Teaching and Learning

Practice, Vol.2 No.1 accessed June 2010 http://

jutlp.uow.edu.au/2005_v02_i01/odonoghue003.htm

Webster, R., Sudweeks, F., Teaching for e-Learning in the

Knowledge Society: Promoting Conceptual Change, in

Academics’ Approaches to Teaching. Current

Developments in Technology-Assisted Education,

2006 , accessed June 2010 http://www.formatex.org/

micte2006/pdf/631-635.pdf

MS Learning Gateway & SharePoint, accessed June 2010

http://www.microsoft.com/education/solutions/highere

dportals.aspx

MS SQL Server Integrations Services - http://

msdn.microsoft.com/en-us/library/ms141026.aspx -

accessed January 2011

PostgreSQL Team, High Availability, Load Balancing,

and Replication, http://www.postgresql.org/docs/8.3/

static/high-availability.html , accessed June 2011

DESIGN AND IMPLEMENTATION OF AN INTEGRATED WEB SERVICE ARCHITECTURE

637