Scenario 4: Modifying cookies only (HTTPResponse)
This scenario illustrates how to add, modify, and remove cookies in an HTTP Response. The XSLT in this example makes the following updates:
- Adds a cookie called NEW_COOKIE.
- Updates the EXISTING_COOKIE cookie domain to be domainB.com.
- Removes the cookie called OLD_COOKIE.
Input documents
The following sample input documents are used for this scenario:
HTTP Response
<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponse>
<ResponseLine>
<Version>HTTP/1.1</Version>
<StatusCode>503</StatusCode>
<Reason>Service Unavailable</Reason>
</ResponseLine>
<Headers>
<Header name="Date">Thu%2C%2016%20Sep%202010%2010
%3A57%3A52%20GMT</Header>
<Header name="Server">IBM_HTTP_Server</Header>
<Header name="Content-Type">text%2Fhtml%3Bcharset%3DUTF-8</Header>
<Header name="Content-Language">en-US</Header>
</Headers>
<Cookies>
<Cookie name="EXISTING_COOKIE">
<Value>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Value>
<Path>/</Path>
<Domain>domainA.com</Domain>
<Expires>Wed, 09 Jun 2021 10:18:14 GMT</Expires>
<Secure>1</Secure>
<HTTPOnly>0</HTTPOnly>
</Cookie>
<Cookie name="OLD_COOKIE">
<Value>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Value>
<Path>/</Path>
<Domain>domainA.com</Domain>
<Expires>Mon, 07 Jun 2021 11:18:21 GMT</Expires>
<Secure>1</Secure>
<HTTPOnly>0</HTTPOnly>
</Cookie>
</Cookies>
</HTTPResponse>XSLT Rules
Note: These
rules must be stored in an XSL document that is defined as a response
resource with an associated POP. See Configuration.
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
<!--Firstly, strip any space elements -->
<xsl:strip-space elements="*" />
<!--
Perform a match on the root of the document. Output the required
HTTPResponseChange elements and then process templates.
-->
<xsl:template match="/">
<HTTPResponseChange>
<xsl:apply-templates />
</HTTPResponseChange>
</xsl:template>
<!--
Do nothing to the Version
-->
<xsl:template match="//HTTPResponse/ResponseLine/Version" />
<!--
Do nothing to the StatusCode
-->
<xsl:template match="//HTTPResponse/ResponseLine/StatusCode" />
<!--
Do nothing to the Reason
-->
<xsl:template match="//HTTPResponse/ResponseLine/Reason" />
<!--
Do nothing to the Headers.
-->
<xsl:template match="//HTTPResponse/Headers" />
<!--
Match on the Cookies. Add a new cookie called NEW_COOKIE if
it does not exist.
-->
<xsl:template match="//HTTPResponse/Cookies">
<xsl:choose>
<xsl:when test="Cookie/@name=’NEW_COOKIE’" />
<xsl:otherwise>
<Cookie action="add" name="NEW_COOKIE">
<Content>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Content>
<Path>/</Path>
<Domain>domainA.com</Domain>
<Expires>Mon, 07 Jun 2021 10:12:14 GMT</Expires>
<Secure>1</Secure>
<HTTPOnly>0</HTTPOnly>
</Cookie>
</xsl:otherwise>
</xsl:choose>
<!-- Update the value of the EXISTING_COOKIE cookie -->
<xsl:if test="Cookie/@name='EXISTING_COOKIE'">
<Cookie action="update" name="EXISTING_COOKIE">
<Domain>domainB.com</Domain>
</Cookie>
</xsl:if>
<!-- Delete the OLD_COOKIE cookie -->
<xsl:if test="Cookie/@name='OLD_COOKIE'">
<Cookie action="remove" name="OLD_COOKIE" />
</xsl:if>
</xsl:template>
</xsl:stylesheet>Output XML document
In this scenario, the following XML document is output from the XSL transformation. This document defines the changes for WebSEAL to perform on the original HTTP response.
<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange>
<Cookie action="add" name="NEW_COOKIE">
<Content>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Content>
<Path>/</Path>
<Domain>domainA.com</Domain>
<Expires>Mon, 07 Jun 2021 10:12:14 GMT</Expires>
<Secure>1</Secure>
<HTTPOnly>0</HTTPOnly>
</Cookie>
<Cookie action="update" name="EXISTING_COOKIE">
<Domain>domainB.com</Domain>
</Cookie>
<Cookie action="remove" name="OLD_COOKIE"></Cookie>
</HTTPResponseChange>