In order to develop an appropriate solution, it is necessary to understand the process and data flows between applications. A self-service Web site for employee benefits enrollment information seems simple, but first appearances can be deceiving. The complications result from the necessity for encryption and authentication between all the processes involved and the need for transactional integrity. Encryption is needed to ensure compliance with privacy requirements by preventing other users or processes from viewing sensitive data. Authentication is necessary so that employees can change only their own benefits records and cannot access sensitive information on other employees. Authentication is also needed to prevent some system or user from masquerading as another employee or as a process that sends or receives this information.
Using a Web browser on the local intranet, a user would connect to a benefits home page on the server. From this Web page, the user can request the online form for benefits enrollment. For privacy reasons, communications sent to or received from the user must be encrypted to protect information transmitted between the Web browser and the server. The user needs to be authenticated so that an employee can view and submit benefits changes only for himself or herself. The benefits Web site can also make available viewable online copies of various benefit options as well as printable copies of this information that can be downloaded.
Once the user finishes entering data and hits the submit button, the data would be submitted to applications running on the Web server for validation. The validation logic on the middle tier could check the input data for internal consistency, obvious data entry errors, and illegal conditions (minimum and maximum range checks on amounts, for example). If the submitted information failed this validation logic, an error message would be returned to the user indicating which fields or values require correction.
If the submitted form passed the validation checks, the information would be stored in the HR RDBMS system and the user would be notified that the process was successful. The information stored in the HR RDBMS system would also need to be sent to the SAP R/3 system and entered in the appropriate SAP application modules. The response times for employees submitting online information should be as short as reasonable. The best approach would be to couple the self-service Web site/HR database system loosely to the SAP R/3 system. This loose coupling allows the Web tier to function even if the SAP system happens to be offline for maintenance or inaccessible due to network problems. The loose coupling can be based on transactional messaging handled as part of a distributed transaction. The distributed transaction should require that both the update in the local HR database and the message acceptance in the outgoing message queue to the SAP R/3 system destination occur. If either of these transaction elements fails, then the entire transaction should be rolled back and the user informed that the benefits submittal process failed.
At another endpoint on the local intranet, an application should be waiting to receive messages in a special message queue. The outgoing messages should be sent to this destination queue using encryption for privacy. The message acceptance at the destination queue should depend on strong authentication so that the process is protected from unauthorized users submitting benefits messages for others into the destination message queue. The application removing the received message from the queue should call into the SAP R/3 system passing the necessary information from the message. The message receiving and message removal process and the call into SAP should also be handled as part of a distributed transaction so that all elements must succeed to guarantee integrity. The message receipt process could also send an email on success to the HR administrative staff and the employee as a secondary confirmation that the benefits enrollment process for the employee succeeded. This email would not contain any benefits information for the employee, since this could compromise privacy requirements.
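The submission path described above (an employee may change only his or her own record, the middle tier range-checks the amounts, and the HR database update and the outgoing message are accepted together or not at all) can be sketched as follows. This is an added example, not code from the original design: the table names, the `fsa_amount` field, the limits and the `queue_available` flag are hypothetical, and a single SQLite transaction stands in for the distributed transaction that would span the HR database and the message queue.

```python
import json
import sqlite3

# Hypothetical range limits for the amount field (constructed for this example).
MIN_AMOUNT, MAX_AMOUNT = 0, 5000

def open_db():
    """Create an in-memory stand-in for the HR database and the outgoing queue."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE benefits (employee_id TEXT PRIMARY KEY, fsa_amount INTEGER)")
    conn.execute("CREATE TABLE outbox (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return conn

def submit_enrollment(conn, authenticated_id, form, queue_available=True):
    """Return (ok, message). Nothing is stored unless every step succeeds."""
    # Authorization: the authenticated employee may change only his or her own record.
    if form.get("employee_id") != authenticated_id:
        return False, "not authorized for this employee record"
    # Validation: type and minimum/maximum range check, as done on the middle tier.
    amount = form.get("fsa_amount")
    if type(amount) is not int or not MIN_AMOUNT <= amount <= MAX_AMOUNT:
        return False, "fsa_amount: value out of range"
    try:
        with conn:  # one transaction: commits on success, rolls back on any exception
            conn.execute("INSERT OR REPLACE INTO benefits VALUES (?, ?)",
                         (authenticated_id, amount))
            if not queue_available:
                # Simulates the outgoing queue refusing the message.
                raise sqlite3.OperationalError("outgoing queue refused the message")
            body = json.dumps({"employee_id": authenticated_id, "fsa_amount": amount})
            conn.execute("INSERT INTO outbox (body) VALUES (?)", (body,))
    except sqlite3.Error:
        return False, "benefits submittal failed; no changes were saved"
    return True, "enrollment saved"

def snapshot(conn):
    """Return (stored benefits rows, number of queued messages) for inspection."""
    rows = conn.execute("SELECT employee_id, fsa_amount FROM benefits").fetchall()
    queued = conn.execute("SELECT COUNT(*) FROM outbox").fetchone()[0]
    return rows, queued
```

The user-facing failure message is deliberately generic; the detail of which element failed belongs in server-side logs rather than in the response.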