tomcat

如何禁止

如何禁止DELETE、PUT、OPTIONS、TRACE、HEAD等协议访问应用程序应用程序呢?

解决方法 
第一步:修改应用程序的web.xml文件的协议

?
1
2
3
4
5
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
 version="2.4">

第二步:在应用程序的web.xml中添加如下的代码即可

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
<security-constraint>
 <web-resource-collection>
  <url-pattern>/*</url-pattern>
  <http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
 </web-resource-collection>
 <auth-constraint>
 </auth-constraint>
 </security-constraint>
 <login-config>
 <auth-method>BASIC</auth-method>
 </login-config>
【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/guxiaobei/p/7942543.html