This section documents the processes that make up a running ArkCase system. Each of the below systems is a separate operating system process.
ArkCase Web Application
The ArkCase webapp provides the user interface and REST APIs that users and other systems use to perform their job functions.
The ArkCase webapp is a Java web archive (war) file. It must be hosted on an Apache Tomcat servlet container, running on Java 8.
ArkCase External Portal
The ArkCase webapp may be used in conjunction with an external portal. The external portal allows the public to request services, or check the status of their service requests; for instance, citizens may use a FOIA portal to submit FOIA requests, and to check the status of their in-process requests.
The external portal is split into two separate operating system processes.
- A REST external portal, which provides REST API and authentication services to the UI portal. The REST external portal is a Java war file; it can be hosted on any servlet container, and requires Java 8. The REST external portal in turn calls REST services provided by the ArkCase webapp, and so the REST external portal must be able to communicate via HTTP with the ArkCase webapp.
The ArkCase webapp uses an embedded Apache Solr search engine. Solr 7.2.1 is supported and tested with the current ArkCase version.
The ArkCase webapp uses the Content Management Interoperability Services (CMIS) protocol to store, retrieve, and version folders and files. ArkCase is tested and supported on Alfresco Content Services 5.1 and above.
Records Management, Document Retention, and Compliance
The ArkCase webapp provides an optional interface to a records management repository. There is no standard interface or protocol for records management, so each different records management vendor must be supported using their own API. Alfresco Governance Services is the only supported records management repository.
The ArkCase webapp stores structured metadata in a relational database. ArkCase supports MySQL, PostgreSQL, Oracle RDBMS, and PostgreSQL.
The ArkCase webapp uses Pentaho as a reporting engine. Pentaho 8.0 is tested and supported by ArkCase.
Any system capable of providing the above capabilities can run ArkCase. Specifically:
- Apache Tomcat (required for the ArkCase webapp and the ArkCase external REST/authentication portal)
- Any HTTP server (required for the ArkCase external UI portal)
- Java 8 (required for the ArkCase webapp, the ArkCase external REST/authentication portal, ActiveMQ, Solr, and Pentaho)
- CMIS services (required for the ArkCase webapp)
- MySQL, PostgreSQL, MS SQL Server, or Oracle database
- LDAP, Active Directory, or ADFS (required for authentication)
In practice, most customers deploy to CentOS version 7 hosts, with Active Directory or ADFS as the authentication mechanism.
Aside from the ArkCase External Portal, all components / operating system processes listed above should be available only to ArkCase users. To the extent possible, normal users should be restricted to the ArkCase web application; only system administrators and operators should have direct access to the other components.
Obviously the ArkCase External Portal must be available to the external users. As stated above, the external portal consists of a user interface and a REST/authentication portal.
The user interface must be deployed such that external users can interact with it; for FOIA systems, this effectively means every citizen within the scope of the FOIA agency (all US citizens for federal FOIA agencies; all state citizens for a state FOIA department; all city residents for a local FOIA department, and so on).
The user interface is of course hosted in the user's web browser. This web browser must be able to make HTTP requests to the REST/authentication portal; to the REST/authentication portal must also be available to all external users.
The REST/authentication portal in turn makes REST API calls to the ArkCase webapp. The ArkCase webapp should be configured so that only the REST/authentication portal can connect to it (along with the authorized internal users, of course).