Example: Retrieving ADI from the request query string

Example: Retrieving ADI from the request query string

The following example authorization rule requires the name of the client's ZIP code as passed in the query string of a GET request (as submitted in response to a form). The client request is set up to include the ZIP code value in the "zip" field of the request query string.
https://www.service.com/location?zip=99999

The use of the AMWS_qs_ prefix in the rule alerts the authorization evaluation process the required ADI is available in the client request and that WebSEAL knows how to find, extract, and return this ADI.
<xsl:if test='AMWS_qs_zip = "99999"'>!TRUE!</xsl:if>

WebSEAL is designed to know how to handle the extraction of ADI information form the request:
[aznapi-configuration]
resource-manager-provided-adi = AMWS_qs_

WebSEAL looks for this information in the request query string under the field name "zip". WebSEAL extracts the value contained in the "zip" field and returns it to the authorization evaluation process.
The example authorization rule is evaluated to be true if the value provided in the request's query string "zip" field is "99999".In a similar manner, information required to evaluate an authorization rule can come from the request POST body or the request header.
Parent topic: ADI retrieval from the WebSEAL client request