Scenario 5: Providing a response to a known HTTP request
This scenario illustrates how a HTTPResponseChange document can be used to generate a response directly from a request. In this scenario, if a cookie with name 'invalid-cookie' exists in the HTTP Request then the XSL transformation produces an HTTP Response that indicates an invalid cookie was detected.
Input documents
The following sample input documents are used for this scenario:
HTTP Request
<?xml version="1.0" encoding="UTF-8"?>
<HTTPRequest>
<Scheme>https</Scheme>
<RequestLine>
<Method>GET</Method>
<URI>/en/us/</URI>
<Version>HTTP/1.1</Version>
</RequestLine>
<Headers>
<Header name="User-Agent">curl%2F7.18.2%20(i486-pc-linux-gnu)%20libcurl
%2F7.18.2%20OpenSSL%2F0.9.8g%20zlib%2F1.2.3.3%20libidn%2F1.8</Header>
<Header name="Host">www.ibm.com</Header>
<Header name="Accept">*%2F*</Header>
</Headers>
<Cookies>
<Cookie name="invalid-cookie">0</Cookie>
</Cookies>
</HTTPRequest>
XSLT Rules
Note: These rules must be stored in an XSL document that is defined as a request
resource with an associated POP. See Configuration.
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
<!-- Firstly, strip any space elements -->
<xsl:strip-space elements="*" />
<!--
Perform a match on the root of the document. Output the required
HTTPRequestChange elements and then process templates.
-->
<xsl:template match="/">
<HTTPRequestChange />
<xsl:apply-templates />
</xsl:template>
<!--
Do nothing with Method
-->
<xsl:template match="//HTTPRequest/RequestLine/Method" />
<!--
Do nothing with URI
-->
<xsl:template match="//HTTPRequest/RequestLine/URI"/>
<!--
Do nothing with Version
-->
<xsl:template match="//HTTPRequest/RequestLine/Version" />
<!--
Do nothing with Headers
-->
<xsl:template match="//HTTPRequest/Headers" />
<!--
Check for the presence of a cookie name 'invalid-cookie'
-->
<xsl:template match="//HTTPRequest/Cookies/Cookie">
<xsl:choose>
<xsl:when test="@name = 'invalid-cookie'">
<HTTPResponseChange action="replace">
<Version>HTTP/1.1</Version>
<StatusCode>503</StatusCode>
<Reason>Not Implemented</Reason>
<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
<Header name="Server" action="add">IBM_HTTP_Server</Header>
<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
<Header name="Content-Language" action="add">en-US</Header>
<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>
</xsl:when>
</xsl:choose>
</xsl:template>
<xsl:template match="//HTTPRequest/Credential" />
</xsl:stylesheet>
Output XML document
In this scenario, the following XML document is output from the XSL transformation. This document defines the response that WebSEAL provides to the original HTTP request.
<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange action="replace">
<Version>HTTP/1.1</Version>
<StatusCode>503</StatusCode>
<Reason>Not Implemented<Reason>
<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
<Header name="Server" action="add"></Header>
<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
<Header name="Content-Language" action="add">en-US</Header>
<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>