This scenario illustrates how a HTTPResponseChange document can be used to generate a response directly from a request. In this scenario, if a cookie with name 'invalid-cookie' exists in the HTTP Request then the XSL transformation produces an HTTP Response that indicates an invalid cookie was detected.
The following sample input documents are used for this scenario:
HTTP Request
<?xml version="1.0" encoding="UTF-8"?>
<HTTPRequest>
<RequestLine>
<Method>GET</Method>
<URI>/en/us/</URI>
<Version>HTTP/1.1</Version>
</RequestLine>
<Headers>
<Header name="User-Agent">curl%2F7.18.2%20(i486-pc-linux-gnu)%20libcurl
%2F7.18.2%20OpenSSL%2F0.9.8g%20zlib%2F1.2.3.3%20libidn%2F1.8</Header>
<Header name="Host">www.ibm.com</Header>
<Header name="Accept">*%2F*</Header>
</Headers>
<Cookies>
<Cookie name="invalid-cookie">0</Cookie>
</Cookies>
</HTTPRequest>
XSLT Rules
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
<!-- Firstly, strip any space elements -->
<xsl:strip-space elements="*" />
<!--
Perform a match on the root of the document. Output the required
HTTPRequestChange elements and then process templates.
-->
<xsl:template match="/">
<xsl:apply-templates />
</xsl:template>
<!--
Do nothing with Method
-->
<xsl:template match="//HTTPRequest/RequestLine/Method" />
<!--
Do nothing with URI
-->
<xsl:template match="//HTTPRequest/RequestLine/URI"/>
<!--
Do nothing with Version
-->
<xsl:template match="//HTTPRequest/RequestLine/Version" />
<!--
Do nothing with Headers
-->
<xsl:template match="//HTTPRequest/Headers" />
<!--
Check for the presence of a cookie name 'invalid-cookie'
-->
<xsl:template match="//HTTPRequest/Cookies/Cookie">
<xsl:choose>
<xsl:when test="@name = 'invalid-cookie'">
<HTTPResponseChange action="replace">
<Version>HTTP/1.1</Version>
<StatusCode>503</StatusCode>
<Reason>Not Implemented</Reason>
<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
<Header name="Server" action="add">IBM_HTTP_Server</Header>
<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
<Header name="Content-Language" action="add">en-US</Header>
<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>
</xsl:when>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>
In this scenario, the following XML document is output from the XSL transformation. This document defines the response that WebSEAL provides to the original HTTP request.
<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange action="replace">
<Version>HTTP/1.1</Version>
<StatusCode>503</StatusCode>
<Reason>Not Implemented<Reason>
<Header name="Date" action="add">Thu%2C%2016%20Sep%202010%2010</Header>
<Header name="Server" action="add"></Header>
<Header name="Content-Type" action="add">text%2Fhtml%3Bcharset%3DUTF-8</Header>
<Header name="Content-Language" action="add">en-US</Header>
<Body>%3Ch1%3EError%3C%2Fh1%3E%0A%3Cp%3EInvalid%20cookie%20%3C%2Fp%3E</Body>
</HTTPResponseChange>