PostRFP employs a modular architecture for extensibility, flexibily and scaleability. There are three groups of components: Core, Management & Peripheral. Authentication and User Directory services are externalised through a generic Java interface, enabling integration with 3rd party user directories (LDAP, Active Directory) and with SSO (Single Sign On) providers. The hosted version of PostRFP uses Yale's CAS server for SSO, and an LDAP directory for user and organisation data. Core has no user interface.
At the heart of PostRFP is a robust Java application, PostRFP Core, which enforces business rules and provides persistence (database logic). SQL operations are externalised from application code enabling databases to be switched with comparitive ease.
The next component is "Management" which consists of a web application exposing a user interface for business operations such as issuing or submitting RFPs. It also provides an HTTP/XML web services (REST) interface for specialised user interface applications
"Peripheral" applications are specialised applications for generating richly collaborative and/or graphical user interfaces. Data access uses the XML/HTTP API provided by the Management layer.
This architecture provides PostRFP with an enviable combination of robustness and flexibility. All critical business processes are managed by the Core, which is rigorously tested and which has a tightly restricted set of responsibilities. Other components are responsible for user interface generation, whilst external systems provide Authentication and User Directory services. PostRFP can scale horizontally with ease, simply by adding more servers to take up Peripheral services. Development resources can work very effectively in parallel by working to either a limited set of Java interfaces or the XML/HTTP web services API.