IBM Security Access Manager for Web, Version 7.0

Scenario 2: Modifying the headers only (HTTPResponse)

This scenario illustrates how to modify the headers in an HTTP Response. The XSLT in this example adds a new header called RESPONSE_A with the value VALUE_A if it does not exist.

Input documents

The following sample input documents are used for this scenario:

HTTP Response

<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponse>
	<ResponseLine>
		<Version>HTTP/1.1</Version>
		<StatusCode>200</StatusCode>
		<Reason>OK</Reason>
	</ResponseLine>
	<Headers>
		<Header name="Date">Thu%2C%2016%20Sep%202010%2010
			%3A57%3A52%20GMT</Header>
		<Header name="Server">IBM_HTTP_Server</Header>
		<Header name="Content-Type">text%2Fhtml%3Bcharset%3DUTF-8</Header>
		<Header name="Content-Language">en-US</Header>
	</Headers>
	<Cookies>
		<Cookie name="PD-S-SESSION-ID">
			<Content>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Content>
			<Path>/</Path>
			<Domain>domainA.com</Domain>
			<Expires>Wed, 09 Jun 2021 10:18:14 GMT</Expires>
			<Secure>1</Secure>
			<HTTPOnly>0</HTTPOnly>
		</Cookie>
	</Cookies>
</HTTPResponse>

XSLT Rules

Note: These rules must be stored in an XSL document that is defined as a response resource with an associated POP. See Configuration.
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
	version="1.0">

	<!--Firstly, strip any space elements -->
	<xsl:strip-space elements="*" />
	
	<!-- 
		Perform a match on the root of the document. Output the required
		HTTPResponseChange elements and then process templates.	
	-->
		<xsl:template match="/">
			<HTTPResponseChange>
				<xsl:apply-templates />
			</HTTPResponseChange>
		</xsl:template>
	
	<!-- 
		Do nothing to the Version
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/Version" />

	<!-- 
		Do nothing to the StatusCode
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/StatusCode" />


	<!-- 
		Do nothing to the Reason
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/Reason" />

	<!-- 
		Match on the Headers. Add a new header called RESPONSE_A 
		if it does not exist.
	-->
	<xsl:template match="//HTTPResponse/Headers">
		<xsl:choose>
			<xsl:when test="Header/@name='RESPONSE_A'"/>
			<xsl:otherwise>
				<Header action="add" name="RESPONSE_A">
					VALUE_A
				</Header>
			</xsl:otherwise>
		</xsl:choose>
	</xsl:template>

<!-- 
		Do nothing to the Cookies
	-->	
	<xsl:template match="//HTTPResponse/Cookies" />

</xsl:stylesheet>

Output XML document

In this scenario, the following XML document is output from the XSL transformation. This document outlines changes for WebSEAL to perform on the original HTTP response.

<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange>
	<Header action="add" name="RESPONSE_A">VALUE_A</Header>
</HTTPResponseChange>
Parent topic: Example HTTP transformation scenarios

Feedback