-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Health Net Secure (HNS) is designed to provide a secure method for accessing the Ministry of Health's HL7v2 messaging services. It consists of 2 major components, a client and an ESB server.
The HNS-Client
is an optional component, it replaces the old HNClient and is intended to be a stop-gap solution for transitioning existing client applications to the new HNS-ESB without any modification to the client application. HNS-Client runs in the background on a clients server, and will allow client applications to send messages to it via the same connection protocol as the old HNClient (HL7XFER). The modern client incorporates a number of improvements including modern encryption protocols, and improves on a number of “pain points” experienced by current users of the HNClient such as encryption key management.
The HNS-ESB
exposes Ministry of Health HL7v2 services via an API Gateway. It is used to audit, and securely route any type of HL7v2 messages to their appropriate message service provider, such as RAPID or Pharmanet. This application acts as a single point of access for the HNClient-v2 application and it is not backwards compatible with the old HNClient.
The application performs an authorization check against the JWT that must be passed in the Authorization header and also does light message validation before routing the message to a final destination.
The following diagram shows a conceptual view of the new HNS architecture, and which components will be modified as part of the HNI Modernization project.
Component | Technology | Additional Notes |
---|---|---|
API Application Framework | Spring Boot | JDK 11 |
HL7v2 Messaging Framework | HAPI | |
Code Repository | GitHub | https://github.com/bcgov/moh-hni-esbhttps://github.com/bcgov/moh-hnclient-v2 |
Container Environment Platform | OpenShift Container Platform (OCP) | |
Database | PostgreSQL | Uses Patroni Clustering for HA. https://developer.gov.bc.ca/Patroni-Cluster-Setup-in-Openshift-4 |
Dependency Manager | Maven | For API |
Container Platform | Docker | |
Pipeline Orchestration | Github Actions & Argo CD | https://github.com/bcgov/moh-hni-esb/actions & https://argocd-shared.apps.silver.devops.gov.bc.ca/applications/ |
Manifest repository | Github | https://github.com/bcgov-c/tenant-gitops-c5839f |
Auth Provider | Keycloak | MoH Keycloak |
Secure Key/Password Storage | SVN | https://subversion.hlth.gov.bc.ca/svn/HNSecure/branches/HNIModernization. We will move to Vault for secret management: https://developer.gov.bc.ca/BC-Government-Vault-Secrets-Management |
API Gateway | KONG CE | https://developer.gov.bc.ca/API-Gateway-(powered-by-Kong-CE) |