Disabling HTTP Methods in JBoss EAP 4 or 5

Solution Verified - Updated -

Issue

  • How to disable HTTP methods in JBoss EAP 4?
  • How to disallow HTTP methods in JBoss EAP 4?
  • How to disable HTTP methods in JBoss EAP 5?
  • How to disallow HTTP methods in JBoss EAP 5?
  • For security reasons we would like to disable certain HTTP methods (PUT, CONNECT,DELETE, TRACE and OPTIONS) in JBoss. Is there a way to do this by using JBoss configuration?
  • We need to limit HTTP methods for JBOSS EAP 6.1. Please explain in detail where this is done in the EAP configuration. We are running EAP 6.1 in Domain mode and need to limit the HTTP methods for all instances running in the Domain.
  • Please provide the procedure to disable HTTP Options, PUT and DELETE Methods in JBoss EAP.
  • How to disable HTTP TRACE / OPTIONS method?
  • CONNECT Method Allowed in HTTP Server

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 4.x
    • 5.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content