DataPower API Gateway
only

Configuring the XSLT policy for DataPower API Gateway

Follow these steps to configure the XSLT policy for DataPower® API Gateway in the assembly user interface.

About this task

Note: This topic describes the XSLT policy implementation in the DataPower API Gateway. If you are using the DataPower Gateway (v5 compatible), see Configuring the XSLT policy for DataPower Gateway (v5 compatible). For more information about the different types of gateway, see API Connect gateway types.

For information about how to configure the policy in your OpenAPI source, see xslt.

Procedure

  1. In the navigation pane, click Develop icon in the navigation pane Develop, then select the APIs tab.
    The Develop page opens.
  2. Click the title of the API that you want to work with, or create a new API.
  3. Select the Gateway tab, then click Policies in the navigation pane.
    For more information about working with the assembly editor for an API, see The assembly editor.
  4. Find the XSLT policy in the palette, and drag the policy onto your canvas.
  5. Specify the following properties.
    Table 1. XSLT policy properties
    Property label Required Description Data type
    Title Yes The title of the policy.

    The default value is xslt.

    string
    Description No A description of the policy. string
    Input No Indicates whether this XSLT input document uses the context current payload, or if there is no input.

    The check box is cleared by default, which indicates that there is no input.

    boolean
    Serialize output No If you select this option, the output tree that is generated by the XSLT policy is serialized. The content of message.body is updated with the serialized binary data rather than the XML tree.

    The check box is cleared by default, which indicates that the output tree is not serialized.

    boolean
    Source Yes The XSLT transform source to execute. string
    XSLT version No The XSLT processor version. The default value is XSLT10. string
    Strict No Whether to enable strict XSLT error checking. Non-strict operations attempt to recover from certain errors, such as use of undeclared variables, calling undeclared templates, and so forth. By default, strict XSLT error checking is enabled. boolean
    Profile rule No Whether to enable stylesheet profiling. This option should not be used in production environments. By default, stylesheet profiling is disabled. boolean
    Debug rule No Whether to run the stylesheet, XQuery script, and JSONiq script in debug mode. When a stylesheet, XQuery script, or JSONiq script is run in debug mode, it generates a custom web page instead of displaying its normal output. The web page details exactly what occurred during execution, including the values of variables and where particular pieces of the output came from. This option should not be used in production environments. By default, debug mode is disabled. boolean
    Streaming rule No Whether the stylesheet must be run in streaming mode. Transformation of the document begins before the input is fully parsed. Not all stylesheets can be streamed. If the stylesheet cannot be streamed, an error is generated and the input is not processed. By default, streaming mode is disabled. boolean
    Attempt streaming rule No Whether to attempt to run the stylesheet in streaming mode. Transformation of the document begins before the input is fully parsed. Not all stylesheets can be streamed. If the stylesheet cannot be streamed, a warning is generated during compilation and the stylesheet is read in the entire input as normal at execution time. By default, attempting to run the stylesheet in streaming mode is disabled. boolean
    Minimum output escaping rule No Whether to escape output produced from the stylesheet during processing. Minimal escaping is particularly useful when handling non-English character sets. By default, minimum escaping is disabled. boolean
    Maximum stack size No The maximum number of bytes that the stack is allowed to use while executing a stylesheet or other compiled content. This setting is used to block infinite recursion. The minimum value is 10 kilobytes, or 10,240 bytes. The maximum value is 100 megabytes, or 104,857,600 bytes. The default value is 1 megabyte, or 1,048,576 bytes. integer
    WS-I Basic Profile validation No The validation behavior to apply to WSDL files that are checked for conformance to section 5 of WS-I Basic Profile (version 1.0, April 2004). The default setting is Warn.
    Ignore
    Disables conformance checking.
    Warn
    Logs warnings for violations.
    Fail
    Forces conformance. Fails if the file contains any violation.
    string
    Validate message body No The validation behavior for the soap:Body. The default setting is Strict.
    Strict
    Validates this part of the message against the WSDL definition. Allows only messages that contain this part and that match the WSDL definition.
    Lax
    Validates this part of the message against the WSDL definition. If the message contains this part and the WSDL definition does not define this part, allow the message. If the message contains this part and the WSDL definition defines this part, allow the message only when there is a match.
    Skip
    Disables validation of this part of the message.
    string
    Validate message headers No

    The validation behavior for the soap:Header. The default setting is Lax.

    Strict
    Validates this part of the message against the WSDL definition. Allows only messages that contain this part and that match the WSDL definition.
    Lax
    Validates this part of the message against the WSDL definition. If the message contains this part and the WSDL definition does not define this part, allow the message. If the message contains this part and the WSDL definition defines this part, allow the message only when there is a match.
    Skip
    Disables validation of this part of the message.
    string
    Validate message fault details No Specifies the validation behavior for the fault detail. The default setting is Strict.
    Strict
    Validates this part of the message against the WSDL definition. Allows only messages that contain this part and that match the WSDL definition.
    Lax
    Validates this part of the message against the WSDL definition. If the message contains this part and the WSDL definition does not define this part, allow the message. If the message contains this part and the WSDL definition defines this part, allow the message only when there is a match.
    Skip
    Disables validation of this part of the message.
    string
    Require wrappers on fault details specified by type No Whether to require compatibility with RPC-style wrappers. By default, RPC-style wrappers are not required. boolean
    Specifically allow xsi:type='SOAP-ENC:Array' rule No Whether to allow the schema to accept most uses of elements with xsi:type='SOAP-ENC:Array' consistent with SOAP 1.1 Section 5, even when these attributes violate the XML Schema specification. Normally, the xsi:type attribute must name a type equal to or derived from the actual type of the element. For schemas compiled with this option, xsi:type is accepted specifically for the SOAP 1.1 Encoding 'Array' complex type if the element type is derived from SOAP-ENC:Array. The opposite is the normal allowable case. By default, elements with xsi:type='SOAP-ENC:Array' are not accepted. boolean
    Validate SOAP 1.1 encoding rule No Whether to perform extra schema validation following the encoding rules in SOAP 1.1 Section 5. When enabled, members of SOAP arrays are validated, attributes such as @id and @href are allowed even if they are not allowed by the schema, and @href values are checked to ensure that they have a corresponding @id element. By default, the extra validation is not performed. boolean
    Wildcards ignore xsi:type rule No Whether xs:any elements in the schema validate only child elements by name. The XML Schema specification requires that, if a wildcard matches an element but that element does not have an element declaration, the element is instead validated according to an xsi:type attribute on it. This option ignores those xsi:type attributes. It should be used for cases such as SOAP envelope validation where a further validation step will validate the contents matching the wildcard, possibly using the SOAP 1.1 encoding rules. By default, xsi:type attributes are not ignored. boolean
    Strict SOAP envelope version No Whether to strictly follow the SOAP binding in the WSDL. When enabled, only messages bound to SOAP 1.2 appear in SOAP 1.2 envelopes and only messages bound to SOAP 1.1 appear in SOAP 1.1 envelopes. By default, strict SOAP binding is disabled. boolean
    Debug XACML policy No Whether to compile XACML policies with debug information. Note that the XACML debugging messages are also controlled by the log event in the XACML category. Use the debug log level to view the full XACML debugging messages. By default, XACML policies are not compiled with debug information. boolean
    Accept MTOM/XOP optimized messages No Specifies whether the schema or WSDL document accepts messages where base64-encoded binary content was optimized according to the MTOM/XOP specifications. XOP binary-optimization replaces base64-encoded binary data with an xop:Include reference element that references the unencoded binary data located in an attachment. By default, MTOM/XOP optimized messages are disabled.
    • When disabled, such optimized messages are rejected by validation of the optimized form. Rejection occurs because the schema specifies a simple type that accepts base64-encoded data, such as xs:base64Binary or xs:string, but the message contains an xop:Include element instead.
    • When enabled, an xop:Include element can optionally appear in place of content for any XML Schema simple type that validates base64-encoded binary data. The xop:Include element itself will be validated according to the built-in schema in store:///schemas/xop.xsd.
    boolean
  6. Specify a version for the policy by clicking the Source icon OpenAPI Source icon, and completing the version section of the policy YAML. For example:
    execute:
      - xslt:
          version: 2.1.0
          title: xslt
      ...
    You must specify a version for the policy that is compatible with the gateway that you are using. When the API is published, if the version is incompatible with the gateway, a validation error is thrown that specifies the available versions.
  7. Click Save.