IBM Security Verify

 View Only

  • 1.  Avoid WebSEAL Sending Empty Headers to Junctions

    Posted Mon April 29, 2024 06:51 AM

    Hi,

    Is there any way to keep WebSEAL from sending a header value to a junction, if the said header's value is empty?

    Our current configuration is setting a junction header value in the WebSEAL configuration file: http-header-attributes = attribute_name:::header_name

    When the attribute_name attribute is set, the header_name header is sent over the junction as expected with that value, but when the attribute_name is not set or empty, the header is still sent through as "header_name: " which is what I am trying to avoid

    Thanks



    ------------------------------
    Martin van der Wel
    ------------------------------


  • 2.  RE: Avoid WebSEAL Sending Empty Headers to Junctions
    Best Answer

    Posted Mon April 29, 2024 04:48 PM

    Martin,

     

    Unfortunately there is no way to prevent WebSEAL from inserting an empty header if the credential attribute is missing – a design decision was made to always include the HTTP header.

     

    Having said this, it would be relatively easy to create a Lua transformation rule which selectively adds a credential attribute as a HTTP header: https://www.ibm.com/docs/en/sva/10.0.7?topic=transformations-lua-transformation.

     

    I hope that this helps.

     

    Scott A. Exton
    Senior Software Engineer
    Chief Programmer - IBM Security Verify Access
    IBM Master Inventor

    cid4122760825*<a href=image002.png@01D85F83.85516C50">

     

     

     




    Original Message


  • 3.  RE: Avoid WebSEAL Sending Empty Headers to Junctions

    Posted Tue April 30, 2024 09:28 AM

    Thanks Scott,

    This is most helpful, we will look into the transformation rules

    Regards,

    Martin



    ------------------------------
    Martin van der Wel
    ------------------------------

    Original Message