www.rodneybeede.com "I would love to change the world, but they won't give me the source code" - unknown

Restricting HTTP methods in Java J2EE 6 - Last Modified 2013-01-11 20:43 UTC - Created 2013-01-11 20:43 UTC

I found a neat new feature of J2EE 6 which simplifies security configuration of applications. You can now whitelist versus blacklist allowed HTTP methods in your web.xml:
			<web-resource-name>Disable unneeded HTTP methods by 403 Forbidden them</web-resource-name>
		<auth-constraint />

Reference: https://blogs.oracle.com/nithya/entry/new_security_features_in_glassfish