Datapower XQuery replace

Datapower XQuery replace

One of the clients that I’m working for discovered a problem with a SOAP web service querying an LDAP. The service could contain a ‘*’ in plain text in possibly different fields in the message. When the service is called it uses the ‘*’ as a wildcard. The system should handle the ‘*’ as plain text so we need to escape the character with ‘2a’ (escape for a LDAP filter query). So they looked in complete web service chain where the least impact was. They decided that an update in the DataPower configuration was the best option.
This is a small message example, but the ‘*’ can occur in couple different WSDL operations and in different fields.
<soap:Envelope xmlns:soap=”http://www.w3.org/2003/05/soap-envelope
               xmlns:tem=”http://tempuri.org/“>
   <soap:Header/>
   <soap:Body>
      <tem:FindUser>
        <tem:UserName>KMe_*</tem:UserName>
      </tem:FindUser>
   </soap:Body>
</soap:Envelope>
I immediately thought to use the function str:replace(). But unfortunately it is not supported in Datapower, which brought me to XQuery, as an alternative for XSLT. So this is the solution that I developed.
Because the replacement is only necessary for 3 operations from the WSDL I defined the policy-rule on WSDL operation level.
Below the XQuery code used to replace the ‘*’ into ‘2’a. The XQuery can be extended to handle other values that need to be escaped for example:  ( ) / NUL
xquery version “1.0”;
declare namespace local = “http://example.org”;
declare functionlocal:copy-replace($element as element()) {
  element {node-name($element)}
               {$element/@*,
                for $child in $element/node()
                return if ($child instance of element())
                       thenlocal:copy-replace($child)
                       else replace($child,‘*’,‘\2a’)
               }
};
local:copy-replace(/*)
The total number of requests that have a ‘*’ or other wildcards in the username is limited. To improve the performance I adapted the standard SQL-injection filter to search for ‘*’ and output the number of hits. This way when the hit count is 0 I can skip the XQuery transform action.
Author: Kim


Working at i8c
i8c is a system integrator that strives for an informal atmosphere between its employees, who have an average age of approx 30 years old. We invest a lot of effort in the professional development of each individual, through a direct connection between the consultants and the management (no multiple layers of middle management). We are based in Kontich, near Antwerp, but our customers are mainly located in the triangle Ghent-Antwerp-Brussels and belong to the top 500 companies in Belgium (Securex, Electrabel, UCB, etc…).
Quality Assurance
i8c is committed to delivering quality services and providing customer satisfaction. That’s why we invested in the introduction of a Quality Management System, which resulted in our ISO9001:2000 certification. This guarantees that we will meet your expectations, as a reliable, efficient and mature partner for your SOA & integration projects. i8c also signed the eTIC Benelux charter, which proves our commitment to ethical service delivery.