If an HTTP transformation rule modifies the URI or host header of the request, WebSEAL reprocesses the transformed request.
This reprocessing ensures that the transformation does not bypass WebSEAL authorization. This behavior also means that administrators can define HTTP transformations rules to send requests to different junctions.
WebSEAL performs reprocessing (and authorization) on the first HTTP transformation only. Transformed requests undergo HTTP transformation again if there is an appropriate POP attached to the associated object space. See Protected Object Policy (POP). However, WebSEAL does not reprocess the new requests that result from these subsequent transformations.