« New Release: CryptoNark v0.3 - Less Crypto, More Nark! | Main | Groovy 1.6.6 is Out »

11/25/2009

New HOWTO: Disable HTTP Methods in Tomcat

I've just published a new HOWTO article on my companion site for those who want to know (or are being made to learn how to do it by some security guy) how to disable access to methods within Tomcat. In Apache, it's really easy but doing it in Tomcat requires looking through the java servlet specification and learning about security constraints. The HOWTO provides a very high level overview of what a security constraint is and provides a couple of basic examples. Please let me know what you think!

HOWTO: Disable HTTP Methods in Tomcat

Incidentally, this works in JBoss, too, as well as any Java Servlet specification-compliant container

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01156fbc6fe6970c012875dcabb7970c

Listed below are links to weblogs that reference New HOWTO: Disable HTTP Methods in Tomcat:

Comments