Project completed in 2009/2010.
BodeHewitt AG offers its national and international clients services in the areas of occupational pension solutions, investment consulting, pension administration and human resources from a single source, from strategy development through implementation to administration. The company has many decades of experience and provides its customers with global expertise using local experts in 35 countries around the world who have access to the Hewitt Associates international network.
Development of a platform for secure data exchange, where the data exchange between the company and its customers on the internet can be handled securely, reliably and easily.
The internal platform is accessible via the internet, but provides external access only to authorized customers of BodeHewitt. The application includes separate areas for customers, BodeHewitt employees, and administrators who manage both companies and users. The main purpose of the portal is to allow employees to offer business files for secure download. This data transfer is also possible in the other direction.
Project images (click to enlarge)
Java, Groovy & Grails
//SEIBERT/MEDIA has focused on modern Java technologies to develop the application. The system uses the Groovy script language running on a Java VM with the Grails framework as a frontend. Grails offers the possibility to implement changes easily and quickly and has an extensive template system, amongst other things, with many roots in Spring. (Spring is the framework for Java based on Grails.)
The business logic in the background, however, is programmed in Java: This language is somewhat more restrictive and less comfortable, but has better stability. The combined use of Groovy / Grails and Java has thus provided a stable application core, which is used by the agile frontend of the application. This is where the interaction between Java and Groovy shines.
Thanks to the use of the HTTPS protocol, the application is backed up by current SSL encryption and provided with a certificate from a well-known provider. In addition, there are strict requirements on passwords, including minimum length, character set, validity period, and history (passwords must not be reused, which should be standard in any application where sensitive data is exchanged).