« New Release: CryptoNark v0.3 - Less Crypto, More Nark! | Main | Groovy 1.6.6 is Out »


New HOWTO: Disable HTTP Methods in Tomcat

I've just published a new HOWTO article on my companion site for those who want to know (or are being made to learn how to do it by some security guy) how to disable access to methods within Tomcat. In Apache, it's really easy but doing it in Tomcat requires looking through the java servlet specification and learning about security constraints. The HOWTO provides a very high level overview of what a security constraint is and provides a couple of basic examples. Please let me know what you think!

HOWTO: Disable HTTP Methods in Tomcat

Incidentally, this works in JBoss, too, as well as any Java Servlet specification-compliant container


TrackBack URL for this entry:

Listed below are links to weblogs that reference New HOWTO: Disable HTTP Methods in Tomcat: