IBM Security Access Manager for Web, Version 7.0

Scenario 5: Providing a response to a known HTTP request

This scenario illustrates how an HTTPResponseChange document can be used to generate a response directly from a request. If a cookie named 'invalid-cookie' exists in the HTTP request, the XSL transformation produces an HTTP response indicating that an invalid cookie was detected.

Input documents

The following sample input documents are used for this scenario:

HTTP Request

<?xml version="1.0" encoding="UTF-8"?>
<HTTPRequest>
	<RequestLine>
		<Method>GET</Method>
		<URI>/en/us/</URI>
		<Version>HTTP/1.1</Version>
	</RequestLine>
	<Headers>
		<Header name="User-Agent">curl%2F7.18.2%20(i486-pc-linux-gnu)%20libcurl%2F7.18.2%20OpenSSL%2F0.9.8g%20zlib%2F1.2.3.3%20libidn%2F1.8</Header>
		<Header name="Host">www.ibm.com</Header>
		<Header name="Accept">*%2F*</Header>
	</Headers>
	<Cookies>
		<Cookie name="invalid-cookie">0</Cookie>
	</Cookies>
</HTTPRequest>

XSLT Rules

Note: These rules must be stored in an XSL document that is defined as a response resource with an associated POP. See Configuration.

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
	version="1.0">

	<!-- First, strip whitespace-only text nodes from all elements -->
	<xsl:strip-space elements="*" />

	<!--
		Match the root of the document and process the remaining templates.
		No wrapper element is output here; the HTTPResponseChange element
		is produced by the cookie template below.
	-->
	<xsl:template match="/">
		<xsl:apply-templates />
	</xsl:template>

	<!--
		Do nothing with Method
	-->
	<xsl:template match="//HTTPRequest/RequestLine/Method" />

	<!--
	Do nothing with URI
	-->
	<xsl:template match="//HTTPRequest/RequestLine/URI"/>

	<!--
	Do nothing with Version
	-->
	<xsl:template match="//HTTPRequest/RequestLine/Version" />

	<!--
	Do nothing with Headers
	-->
	<xsl:template match="//HTTPRequest/Headers" />

	<!--
	Check for the presence of a cookie named 'invalid-cookie'
	-->
	<xsl:template match="//HTTPRequest/Cookies/Cookie">
		<xsl:choose>
			<xsl:when test="@name = 'invalid-cookie'">
				<HTTPResponseChange action="replace">
					<Version>HTTP/1.1</Version>
					<StatusCode>503</StatusCode>
					<Reason>Not Implemented</Reason>
					<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
					<Header name="Server" action="add">IBM_HTTP_Server</Header>
					<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
					<Header name="Content-Language" action="add">en-US</Header>
					<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
				</HTTPResponseChange>
			</xsl:when>
		</xsl:choose>
	</xsl:template>

</xsl:stylesheet>

Output XML document

In this scenario, the following XML document is output from the XSL transformation. This document defines the response that WebSEAL provides to the original HTTP request.

<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange action="replace">
	<Version>HTTP/1.1</Version>
	<StatusCode>503</StatusCode>
	<Reason>Not Implemented</Reason>
	<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
	<Header name="Server" action="add">IBM_HTTP_Server</Header>
	<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
	<Header name="Content-Language" action="add">en-US</Header>
	<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>
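
The values in an HTTPResponseChange document are percent-encoded, which makes the generated response hard to review by eye. The following Python sketch is an added example, not part of the IBM documentation or product: it decodes the element emitted by this scenario's stylesheet into a status line, headers and body, and reports problems worth fixing before the rule is deployed. The function names `render_response` and `review_findings` are hypothetical, and the sketch assumes that every element value is percent-encoded as in the samples above.

```python
import xml.etree.ElementTree as ET
from http import HTTPStatus
from urllib.parse import unquote

# The HTTPResponseChange element emitted by this scenario's stylesheet.
SAMPLE = """<HTTPResponseChange action="replace">
  <Version>HTTP/1.1</Version>
  <StatusCode>503</StatusCode>
  <Reason>Not Implemented</Reason>
  <Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
  <Header name="Server" action="add">IBM_HTTP_Server</Header>
  <Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
  <Header name="Content-Language" action="add">en-US</Header>
  <Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>"""


def _decoded(element_text):
    # Assumption: values are percent-encoded, as in the page's samples.
    return unquote((element_text or "").strip())


def render_response(xml_text):
    """Return (status_line, [(header, value)], body) with values decoded."""
    root = ET.fromstring(xml_text)
    if root.tag != "HTTPResponseChange" or root.get("action") != "replace":
        raise ValueError('expected <HTTPResponseChange action="replace">')
    status = " ".join(_decoded(root.findtext(t)) for t in ("Version", "StatusCode", "Reason"))
    headers = [(h.get("name"), _decoded(h.text)) for h in root.findall("Header")]
    return status, headers, _decoded(root.findtext("Body"))


def review_findings(xml_text):
    """List problems a reviewer would want fixed before deploying the rule."""
    status, headers, _ = render_response(xml_text)
    _, code, reason = status.split(" ", 2)
    findings = []
    try:
        standard = HTTPStatus(int(code)).phrase
    except ValueError:
        standard = None
    if reason != standard:
        findings.append(f"status {code} has reason {reason!r}, standard phrase is {standard!r}")
    for name, value in headers:
        if not value:
            findings.append(f"header {name} is empty")
        if "\r" in value or "\n" in value:
            # A decoded line break would start a new header line in the response.
            findings.append(f"header {name} decodes to a value containing CR or LF")
    return findings
```

Run against the scenario's document, `review_findings(SAMPLE)` reports that status code 503 is paired with the reason "Not Implemented", whereas the standard phrase for 503 is "Service Unavailable".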

