HTTP transformation rules let you modify HTTP requests and responses
as they pass through WebSEAL. XSLT is used for this functionality.
You can configure a Protected Object Policy (POP) to trigger the specified
rules.
WebSEAL administrators can configure the following modifications.
You can apply these transformations to HTTP requests and HTTP responses
(except where otherwise noted):
- Add a header
- Remove a header
- Modify an existing header
- Modify the URI (request only)
- Modify the method (request only)
- Modify the HTTP version
- Modify the HTTP status code (response only)
- Modify the status reason (response only)
- Add a cookie
- Remove a cookie
- Modify an existing cookie
- Add a body (response only)
Note: - It is not possible to modify the body of the request
or response. Similarly, you cannot modify cookies or headers that
are inserted by WebSEAL. For example, the Host, iv-user and iv-creds junction
headers.
- WebSEAL pages under the lib/html directory
are referred to as HTML server response pages. These
response pages are grouped into:
- Account management pages.
- Error message pages.
You can configure the names of
these response pages in the [acnt-mgt] stanza.