HTTP transformations

HTTP transformation rules let you modify HTTP requests and responses as they pass through WebSEAL. XSLT is used for this functionality. You can configure a Protected Object Policy (POP) to trigger the specified rules.

WebSEAL administrators can configure the following modifications. You can apply these transformations to HTTP requests and HTTP responses (except where otherwise noted):

  1. It is not possible to modify the body of the request or response. Similarly, you cannot modify cookies or headers that are inserted by WebSEAL. For example, the Host, iv-user and iv-creds junction headers.
  2. WebSEAL pages under the lib/html directory are referred to as HTML server response pages. These response pages are grouped into:
    • Account management pages.
    • Error message pages.

    You can configure the names of these response pages in the [acnt-mgt] stanza.