ISAM HTTP XSL Transformation Rule to Modify request Parameters

I had to write an XSL Stylesheet to modify a request parameter – I had to modify a request parameter in a TFIM SAML request from RelayState to Target, here is what I used changing request text from “something” to “another”:

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="" version="1.0">
	This is a template stylesheet which should be used as a guide when
	using WebSEAL's HTTP Transformation engine. This sample is relevant to
	a request only.
   <!-- Firstly, strip any space elements -->
   <xsl:strip-space elements="*" />
		Perform a match on the root of the document. Output the required
		HTTPRequestChange elements and then process templates.
   <xsl:template match="/">
         <xsl:apply-templates />
		Match on the URI. Any URI processing should happen within this
   <xsl:template match="//HTTPRequest/RequestLine/URI">
      <xsl:variable name="output">
         <xsl:call-template name="string-replace-all">
            <xsl:with-param name="text" select="node()" />
            <xsl:with-param name="replace" select="'something'" />
            <xsl:with-param name="by" select="'anotherthing'" />
         <xsl:value-of select="$output" />
   <xsl:template match="//HTTPRequest/Scheme">
      <!--  Is the request http or https -->
   <xsl:template name="string-replace-all">
      <xsl:param name="text" />
      <xsl:param name="replace" />
      <xsl:param name="by" />
         <xsl:when test="contains($text, $replace)">
            <xsl:value-of select="substring-before($text,$replace)" />
            <xsl:value-of select="$by" />
            <xsl:call-template name="string-replace-all">
               <xsl:with-param name="text" select="substring-after($text,$replace)" />
               <xsl:with-param name="replace" select="$replace" />
               <xsl:with-param name="by" select="$by" />
            <xsl:value-of select="$text" />

You can test your XSL HTTP Transformation rule using the same tool I’ve used to Certificate XSLT mapping:

You can use my sample request as the input:

<?xml version="1.0" encoding="UTF-8"?>
      <Attributes />
      <Header name="accept">text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</Header>
      <Header name="accept-encoding">gzip, deflate, br</Header>
      <Header name="accept-language">en,en-AU;q=0.5</Header>
      <Header name="connection">keep-alive</Header>
      <Header name="host"></Header>
      <Header name="user-agent">Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Firefox/45.0</Header>
      <Header name="cache-control">max-age=0</Header>
      <Header name="dnt">1</Header>
      <Cookie name="PD-S-SESSION-ID">1_2_1_m6E7qH-JEvsY+KzrA5Y0FV6+ytubVMFRVqtklCZ52LUgLirM</Cookie>
      <Cookie name="AMWEBJCT!%2Fmga!JSESSIONID">00000tXmknP_KAXDaouCehZcNoJ:024ec1af-2336-4ef8-bb40-7dbebaafa82b</Cookie>
      <Cookie name="PD_STATEFUL_b34e3aba-c971-11e5-9f37-000c297edf67">%2Fmga</Cookie>
      <Cookie name="IV_JCT">%2Fmga</Cookie>

And the output should be:

<?xml version="1.0" encoding="UTF-8"?>

Apply it to your desired URL using a POP or using the URL matching like shown below:


# The following files are currently available for this configuration entry:
# - transform.xml
# - Empty
change = transform.xml


request-match = request:GET /snoop/dump.jsp*someparam*

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Up ↑

%d bloggers like this: