Disabling HTTP Methods in Java Applications (Per WAR)
Issue
- How to disable HTTP methods in Java applications?
- How to disallow HTTP methods in Java deployments?
- For security reasons we would like to disable certain HTTP methods (PUT, DELETE, TRACE and OPTIONS) in Java. Is there a way to do this on application configuration?
- How to disable HTTP TRACE/OPTIONS method?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- Red Hat JBoss Web Server (JWS)
- Apache Tomcat
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.