JBOSS HTTP 메소드 제한 방법

JBOSS HTTP 메소드 제한 방법

web.xml 파일 수정

<security-constraint>       <web-resource-collection>     <web-resource-name>restricted methods</web-resource-name>     <url-pattern>/*</url-pattern>     <http-method>PUT</http-method>     <http-method>DELETE</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> </web-resource-collection> <auth-constraint /> </security-constraint>

 

 

테스트 방법

 

[root@xxx test01]# curl -v -X TRACE http://192.168.131.130:8080/simple/index.jsp

* About to connect() to 192.168.131.130 port 8080 (#0)

*   Trying 192.168.131.130... connected

* Connected to 192.168.131.130 (192.168.131.130) port 8080 (#0)

> TRACE /simple/index.jsp HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2

> Host: 192.168.131.130:8080

> Accept: */*

>

< HTTP/1.1 405 Method Not Allowed

< Server: Apache-Coyote/1.1

< Allow: OPTIONS

< Content-Length: 0

< Date: Thu, 25 Sep 2014 20:19:08 GMT

<

* Connection #0 to host 192.168.131.130 left intact

* Closing connection #0

 BY 차규철