Disabling PUT TRACE DELETE request in Apache Tomcat 6.0

I need to disable PUT, DELETE & TRACE HTTP requests on my Application Server, Apache Tomcat 6.0.

All other sources, i have searched till now, have directed me towards the limit parameter in httpd.conf, Hence I'd put it before-hand that I am not using Apache Web Server, and requests are directly being handled by Tomcat, and so there is no httpd.conf in picture.

Please suggest how should I do it on Tomcat?


Inside your WEBINF, add you can add a security constraint:


Alternatively, you can do these two things:

In server.xml, edit the <connector> element, add an attribute: allowTrace="false". Then edit the DefaultServlet: $CATALINA_HOME/conf/web.xml

<!-- blah blah blah -->

Need Your Help

How to change Formatting menu options in redactor?


By default, under the Formatting menu (when the button is clicked), there are these options:

Best way to conditionally link frameworks based on their availability in Xcode using Objective-C

objective-c ios frameworks

I'm developing an objective-c framework based off Cocoa touch and am looking at other frameworks for parsing data, both for JSON and XML.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.