Our client is a division of a global €6.1B enterprise software and expert-information group — a pioneer in digitalizing workflows for regulated, high-stakes legal environments. Its mature legal ecosystem runs the complete operational lifecycle of law firms: case tracking, documentation, automation, core client records. The system splits into two layers. The proprietary Java engine and backend are the vendor's. The entire web companion — the secure surface where law firms meet their clients — was architected, built and kept in production by Graffino.
The client
The client operates in legal technology as part of a global enterprise software group, building the software that law firms in a highly regulated market run their practices on. The relevant product is an all-in-one legal ecosystem: case-related workflows, documentation, automation and the core legal records of the firms' own clients.
Graffino's territory was the web companion application — the front-facing, secure client interaction layer. Through it, the work law firms used to handle by phone, email and manual data entry became structured digital workflows:
The friction
The structural friction sat exactly where law firms met their end clients. The core engine was solid; the operational line in front of it wasn't:
In other words: not a marketing website, and not a greenfield app. A web platform operating inside a regulated, enterprise legal-tech product ecosystem, where the backend was non-negotiable and the tenants numbered in the hundreds.
The core engine is the vendor's. The entire web interaction layer — architecture, build and production — is Graffino's.
The approach
The companion application doesn't sit politely next to the core platform — it's wired into it. Three principles ran through the engineering:
What we architected
A WordPress multisite architecture carrying hundreds of isolated firm instances on one unified, maintainable codebase.
A custom theme paired with a highly reactive VueJS application layer — later refactored to Vue 3 and Vite in the V8 modernization stream.
SOAP API connectivity exchanging complex structured XML payloads with the vendor's legacy Java backend — natively, not through a shim.
Standard WordPress authentication cut out entirely, replaced with a custom login engine tied directly to the core platform's Java API.
An interactive, tree-based document viewer that formats menus and access automatically from permission keys pushed by the vendor's API.
Runtime cookie and payload session encryption, plus deep open-source antivirus binary scanning to validate every user document upload safely.
An independent Laravel application that lets the vendor auto-provision, configure and launch container-ready, self-hosted instances — single-click.
Complete system Dockerization, the Vue 3 / Vite frontend refactor and admin panel consolidation — delivered inside the living product.
Inside the system
Everything left and center is Graffino's scope. Authentication, permissions and data originate on the right — the web layer orchestrates them into a product.
Before / after
| Area | Before | After |
|---|---|---|
| Client interaction | Phone and email exchanges, unstructured requests | A structured, secure digital surface with real-time case data |
| Case updates | Manual entry, duplicated across systems | API-driven flows straight into the core platform |
| Documents | Files tracked across disconnected tools | Bulk upload, antivirus-scanned, permission-gated, routed |
| Authentication | Generic CMS login, separate from the platform | Custom engine bound directly to the core Java API |
| New firm onboarding | Manual instance setup | Single-click auto-provisioning of container-ready instances |
| Frontend stack | Aging application layer | Vue 3 + Vite + Docker — modernized without touching the core |
Verified outcomes
No inflated ROI math here — the outcomes below are the verified operational footprint of the platform and the architectural facts of the engagement.
Active law firms on the platform
Securely separated tenants — firms and their independent branches — activated, configured and served from one unified codebase.
Administrative friction
Digitized claims, appointment updates, counsel visibility and bulk uploads cut manual routing, duplicate entry and cross-system errors.
Core platform risk
Client-facing UX and performance revitalized — Vue 3, Vite, Docker — without the capital expense of replacing the central Java platform.
Tenant operations
Auto-provisioned, container-ready instances replaced manual setup for enterprise onboarding.
Security posture
Encrypted sessions and payloads, API-bound authentication, and antivirus scanning on every upload — fit for regulated legal work.
Vendor relationship
When the original integrator arrangement ended, the client bypassed agency structures and continued with Graffino directly — no outsourcing walls.
Production continuity
Consecutive production continuity across contract structures and technology generations.
Why it matters
This is what it takes to own a web layer inside an enterprise product: deep orchestration against a legacy API that won't bend, security infrastructure fit for legal records, tenant isolation at the scale of hundreds of firms, and the judgment to modernize a living system without ever putting it at risk. The vendor kept the engagement direct because the alternative — re-explaining all of that to a new partner — is the real cost of switching.
The pattern travels. Any enterprise with a proprietary core and a web-facing layer that needs to be architected, secured and continuously modernized — in fintech, insurance, healthcare or legal — has a version of the same problem. The same engineering discipline solves it.
Have a core platform that needs a world-class web layer?
We build and run API-driven web layers on top of enterprise infrastructure — legacy protocols, multi-tenant scale, regulated-industry security and all. Tell us what your core can't do alone.