由于通过xsan检测到tomcat服务器存在put&delete method.在通过查找后找到了disable的方法.
以下为tomcat5.5下的代码
由于tomcat5.0与tomcat5.5有很大区别.所以实际实现方法是不一样的.在修改时需要注意.而tomcat6.0还没有搞过disable过.所以还请自己搜下了.
以下为tomcat5.5下的代码
package
org.apache.catalina.valves;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.valves.RequestFilterValve;
/***/ /**
*Concreteimplementationof<code>RequestFilterValve</code>thatfilters
*HTTPrequestsbaseduponthestringrepresentationoftherequestmethod.
*
*inserver.xml:<ValveclassName="org.apache.catalina.valves.HttpMethodValve"
*allow="comma-separated-string"deny="comma-separated-string"/>
*
*wherecomma-separated-stringisalistofHTTPmethods(uppercase)separated
*bycommas.
*
*Example:TodisablePUTandDELETEmethodsonastandaloneTomcat5server,
*
*<Engine...><!--or<Host>--><Valve
*className="org.apache.catalina.valves.HttpMethodValve"deny="PUT,DELETE"/>
*</Engine>
*
*@authorMarkAnderson
*@version$Revision:1.0$$Date:2004/12/2713:56:21$
*/
public final class HttpMethodValve extends RequestFilterValve ... {
//-----------------------------------------------------InstanceVariables
/***//**
*Thedescriptiveinformationrelatedtothisimplementation.
*/
privatestaticfinalStringinfo="org.apache.catalina.valves.HttpMethodValve/1.0";
//-------------------------------------------------------------Properties
/***//**
*ReturndescriptiveinformationaboutthisValveimplementation.
*/
publicStringgetInfo()...{
return(info);
}
//---------------------------------------------------------PublicMethods
/***//**
*Extractthedesiredrequestproperty,andpassit(alongwiththe
*specifiedrequestandresponseobjects)totheprotected
*<code>process()</code>methodtoperformtheactualfiltering.This
*methodmustbeimplementedbyaconcretesubclass.
*
*@paramrequest
*Theservletrequesttobeprocessed
*@paramresponse
*Theservletresponsetobecreated
*@paramcontext
*Thevalvecontextusedtoinvokethenextvalveinthecurrent
*processingpipeline
*
*@exceptionIOException
*ifaninput/outputerroroccurs
*@exceptionServletException
*ifaservleterroroccurs
*/
publicvoidinvoke(Requestrequest,Responseresponse)
throwsIOException,ServletException...{
ServletRequestsreq=request.getRequest();
if(sreqinstanceofHttpServletRequest)...{
HttpServletRequesthreq=(HttpServletRequest)sreq;
process(hreq.getMethod(),request,response);
}
}
}
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.valves.RequestFilterValve;
/***/ /**
*Concreteimplementationof<code>RequestFilterValve</code>thatfilters
*HTTPrequestsbaseduponthestringrepresentationoftherequestmethod.
*
*inserver.xml:<ValveclassName="org.apache.catalina.valves.HttpMethodValve"
*allow="comma-separated-string"deny="comma-separated-string"/>
*
*wherecomma-separated-stringisalistofHTTPmethods(uppercase)separated
*bycommas.
*
*Example:TodisablePUTandDELETEmethodsonastandaloneTomcat5server,
*
*<Engine...><!--or<Host>--><Valve
*className="org.apache.catalina.valves.HttpMethodValve"deny="PUT,DELETE"/>
*</Engine>
*
*@authorMarkAnderson
*@version$Revision:1.0$$Date:2004/12/2713:56:21$
*/
public final class HttpMethodValve extends RequestFilterValve ... {
//-----------------------------------------------------InstanceVariables
/***//**
*Thedescriptiveinformationrelatedtothisimplementation.
*/
privatestaticfinalStringinfo="org.apache.catalina.valves.HttpMethodValve/1.0";
//-------------------------------------------------------------Properties
/***//**
*ReturndescriptiveinformationaboutthisValveimplementation.
*/
publicStringgetInfo()...{
return(info);
}
//---------------------------------------------------------PublicMethods
/***//**
*Extractthedesiredrequestproperty,andpassit(alongwiththe
*specifiedrequestandresponseobjects)totheprotected
*<code>process()</code>methodtoperformtheactualfiltering.This
*methodmustbeimplementedbyaconcretesubclass.
*
*@paramrequest
*Theservletrequesttobeprocessed
*@paramresponse
*Theservletresponsetobecreated
*@paramcontext
*Thevalvecontextusedtoinvokethenextvalveinthecurrent
*processingpipeline
*
*@exceptionIOException
*ifaninput/outputerroroccurs
*@exceptionServletException
*ifaservleterroroccurs
*/
publicvoidinvoke(Requestrequest,Responseresponse)
throwsIOException,ServletException...{
ServletRequestsreq=request.getRequest();
if(sreqinstanceofHttpServletRequest)...{
HttpServletRequesthreq=(HttpServletRequest)sreq;
process(hreq.getMethod(),request,response);
}
}
}