The HTTP requests and responses received by
WebSEAL are expressed as XML objects and can be manipulated using
XSL transformations.
You can use XSLT rules to represent the changes that you want to
apply to the HTTP requests and responses as they pass through WebSEAL.
WebSEAL uses the following two inputs for the HTTP transformations:
- An XML representation of the HTTP request or HTTP
response. Attributes from the credential can be added to the XML object,
but the credential attributes cannot be manipulated by the XSL transformations.
- An XSLT that determines how the request or response is modified.
The output from the transformation is an XML document that outlines
the changes required to the HTTP request or HTTP response.
Note: - The XSLT rules are contained in a rules file. If a rules file
is changed, you must restart the WebSEAL server for the changes to
take effect.
- Header fields must be URL encoded to avoid any XML issues. WebSEAL
uses URL encoded header values during the transformation process.