On 6/7/05, Peter Fellwock <[EMAIL PROTECTED]> wrote:
> Tomcat Gurus:
>
>
>
> How can I disable "put" and "delete" http methods?
>
Putting a security constraint in web.xml works. Try this in
applications web.xml. Usually it will be last element in the web.xml.
<security-constraint>
<web-resource-collection>
<web-resource-name>Disallowed Location</web-resource-name>
<url-pattern>*</url-pattern>
<http-method>DELETE</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
--
rgds
Anto Paul
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
