HTTP transformation rules

The HTTP requests and responses received by WebSEAL are expressed as XML objects and can be manipulated using XSL transformations.

You can use XSLT rules to represent the changes that you want to apply to the HTTP requests and responses as they pass through WebSEAL. WebSEAL uses the following two inputs for the HTTP transformations:

An XML representation of the HTTP request or HTTP response. Attributes from the credential can be added to the XML object, but the credential attributes cannot be manipulated by the XSL transformations.
An XSLT that determines how the request or response is modified.

The output from the transformation is an XML document that outlines the changes required to the HTTP request or HTTP response.

Note:

The XSLT rules are contained in a rules file. If a rules file is changed, you must restart the WebSEAL server for the changes to take effect.
Header fields must be URL encoded to avoid any XML issues. WebSEAL uses URL encoded header values during the transformation process.
The XML representation of the HTTP Response object includes an element <HTTPRequest> that contains all of the elements of the HTTP Request. This allows request elements to be used as part of the transformation of the HTTP Response.