We were recently working on a project that involved sending a high volume of inbound SWIFT messages into an internal repository which would generate requests to other internal systems, depending on their content. As the internal repository was an encrypted system, we needed to assign WS-Security to sign these request messages so that they could be verified against the system in order to receive a valid response.
The tool allows us to sign these messages using WS-Security and WS-Addressing. We were signing these messages with a Timestamp Token, Username Token and a Signature using WS-Security and using WS-Addressing to set the destination. We needed to test these messages in the SIT environment and found that they were not being verified against the system.
The StarBase project team worked extensively with support to emulate the environment externally so that we could dig deeper and find the root of the problem.
Solving this problem was a key factor to ensure that the project could progress otherwise test execution could not begin. We managed to initially fix the issue with the Timestamp Token, Username Token and Signature fields; however the WS-Addressing element was amending the SWIFT message as it was leaving the tool so it was not validating correctly with the system.
We researched further into how the message was being sent from the tool and found that there was a single character being added to the message which caused the validation to fail.
A fix was implemented and a new version of the toolwas provided which enabled the project to progress.