当网站启用不安全的http方法是,相关的处理方式就是在网站的web.xml中配置先关的安全策略
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
当然,如果对于一台服务器上的多个网站都要进行这样处理会非常的麻烦,因此可以在Tomcat容器中的web.xml中配置这一条安全策略。