mendelson AS2 Software Overview

Screenshots: Transaction details, Transaction overview, System events, Partner management (dark mode), Certificate manager, Settings

Technical features

  • Asynchronous and synchronous MDN
  • Key and certificate management
  • Partner management
  • Digital signatures
  • Message encryption
  • Secure transport (SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3)
  • Support for TLS client authentication
  • System task to auto clear old log entries
  • Data compression (AS2 1.1)
  • Multiple attachments (AS2 1.2)
  • Multinational support: Localized to German, English and French

Integration

  • Easy integration to existing systems, using a partner based file system interface
  • Integrated scheduler picks up data from directories
  • Message post processing (scripting on receipt)
  • Pluggable into any servlet container like Tomcat, Jetty, ...
  • All versions are delivered with an embedded HSQLDB database system.
    The mendelson AS2 offers a plugin concept for additional functionality. Additional plugins exist for the commercial edition to support external database systems like PostgreSQL, MariaDB, MySQL*, Oracle DB*
  • The mendelson AS2 is written in pure Java, which enables easy Docker and Kubernetes integration


Monitoring

  • Web interface for transaction monitoring
  • Email event notification, which can be extended with OAUTH2 authentication by a plugin


Encryption and signatures

The following encryption algorithms are supported:

  • Triple DES
  • DES
  • RC2-40
  • RC2-64
  • RC2-128
  • RC2-196
  • RC4-40
  • RC4-56
  • RC4-128
  • AES-128
  • AES-192
  • AES-256
  • AES-128 (RSAES_OAEP)
  • AES-192 (RSAES_OAEP)
  • AES-256 (RSAES_OAEP)

The following hash algorithms are supported:

  • SHA-1
  • MD5
  • SHA-224 (SHA-2)
  • SHA-256 (SHA-2)
  • SHA-384 (SHA-2)
  • SHA-512 (SHA-2)
  • SHA-1 (RSASSA-PSS)
  • SHA-224 (SHA-2, RSASSA-PSS)
  • SHA-256 (SHA-2, RSASSA-PSS)
  • SHA-384 (SHA-2, RSASSA-PSS)
  • SHA-512 (SHA-2, RSASSA-PSS)
  • SHA-3-224 (SHA-3)
  • SHA-3-256 (SHA-3)
  • SHA-3-384 (SHA-3)
  • SHA-3-512 (SHA-3)
  • SHA-3-224 (SHA-3, RSASSA-PSS)
  • SHA-3-256 (SHA-3, RSASSA-PSS)
  • SHA-3-384 (SHA-3, RSASSA-PSS)
  • SHA-3-512 (SHA-3, RSASSA-PSS)



Accepted certificates and keys

  • Trusted certificates, self signed certificates
  • SHA-1 signed certificates, SHA-2 signed certificates
  • Trusted by any CA
  • Elliptic curve keys/certificates, RSA keys/certificates



Architecture

mendelson AS2 can send and receive AS2 messages to and from trading partners via HTTP and HTTPS. It supports synchronous MDN and asynchronous MDN.

An additional poll thread runs for every partner; it polls special per-partner directories and sends matching files to the mendelson AS2 server.

Please have a look at the following diagram for an overview of the included components of the mendelson AS2 package. All these components install out of the box if you are using the installer. The main difference in architecture between the commercial version and the community version (open source) is that in the commercial version the user interface and the AS2 server run in different processes and can even run on different machines/operating systems, while the server can run as a service. The community version acts as a desktop system: user interface and server run in the same process.


AS2 Server:
The server is the core component. It is responsible for transaction processing and handles encryption, digital signatures and the communication with all the other components.

AS2 Client (Rich client)
The AS2 client contains the transaction management, partner management, certificate management (commercial version only). It allows you to set all server properties and configure the system.

AS2 Client (Web client)
This is an optional component. It allows you to monitor the AS2 transactions via a browser.

Database
The database server stores all information about the transactions and the master data of partners, subjects etc. This can be either the embedded database system or (for the commercial edition with an additional plugin) an external database server (PostgreSQL, MySQL).

HTTP Server:
The HTTP server acts as a servlet container for the message receipt servlet. It also hosts some information pages. The servlet sends received messages via RMI to the server. An HTTP server is included in the installation package, but it is also possible to deploy the AS2 receiver in any other servlet container.

AS2 Sender:
This component sends messages and MDN (async) to the trading partner. It also receives the MDN if the MDN of an outbound transmission is set to sync.

Notification:
Sends a notification via mail if any event occurs that requires user interaction.




Optional components for the mendelson AS2 (plugin concept)

The basic functionality of the mendelson AS2 can be extended with additional functions and architectures through a plugin concept.
We currently offer the following plugins:

  • Plugin Java API
  • Plugin REST API
  • Plugin PostgreSQL database
  • Plugin MySQL database
  • Plugin HA (High availability) architecture
  • Plugin OAUTH2 for SMTP and HTTP authentication
  • Plugin HSM - allows to integrate your Hardware Security Modules
  • Plugin WebInterface


Plugin Java API

With the help of this plugin you can access the functions of the mendelson AS2 in your own products by simply including the mendelson AS2 as a library in your Java projects. You can then use the send and receive functions of the mendelson AS2 via a simple Java API without needing a running mendelson AS2 server.
Save yourself the time and effort of implementing the proven functions of the mendelson AS2 yourself and benefit from mendelson's know-how.



Plugin REST API

This plugin allows access to the mendelson AS2 via a REST API. If you want to integrate the system into your own web-based environment, this is the right plugin for you.



Plugin PostgreSQL database

This plugin allows you to replace the internally supplied HSQLDB database with an external database system (PostgreSQL), which of course can also run on another system. This plugin also includes a wizard for migrating your previous dataset.
This plugin has been tested with several versions of PostgreSQL (12.1, 12.4, 13.0, 13.1) and also runs fine with the PostgreSQL databases of cloud providers (e.g. AWS PostgreSQL).



Plugin MySQL database

This plugin allows you to replace the internally supplied HSQLDB database with an external database system (MySQL), which of course can also run on another system. This plugin also includes a wizard for migrating your previous dataset, as well as the possibility to switch to MariaDB drivers.
MySQL is a registered trademark of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.



Plugin HA (High availability) architecture


This plugin allows you to combine several mendelson AS2 systems in a redundant cluster and thus obtain both fail-safety and performance scaling. Each node of the HA network requires the PostgreSQL plugin and the HA plugin. You can build the architecture with load balancer and external database server either in-house or via cloud providers.
In the HA architecture, you can stop individual nodes, add new ones as needed, and also perform updates to individual nodes without affecting the overall system.
The HA plugin thus offers you the possibility to flexibly adapt the mendelson AS2 system to your needs.



Plugin OAUTH2

This plugin adds OAUTH2 authentication possibilities to the AS2 message send process, the async MDN send process and the mail notification process via SMTP.



Plugin HSM

This plugin allows you to integrate HSM (Hardware Security Modules). It allows you to manage your private keys and execute cryptographic operations in external devices/smartcards to harden your security. The communication interface to your HSM is PKCS#11.



Plugin WebInterface

This plugin allows you to view the transactions and their details via a web browser.



*MySQL and Oracle DB are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.