由于通过xsan检测到tomcat服务器存在put&delete method.在通过查找后找到了disable的方法.
以下为tomcat5.5下的代码
由于tomcat5.0与tomcat5.5有很大区别.所以实际实现方法是不一样的.在修改时需要注意.而tomcat6.0还没有搞过disable过.所以还请自己搜下了.
以下为tomcat5.5下的代码
package
org.apache.catalina.valves;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.valves.RequestFilterValve;
/**
* Concrete implementation of <code>RequestFilterValve</code> that filters
* HTTP requests based upon the string representation of the request method.
*
* in server.xml: <Valve className="org.apache.catalina.valves.HttpMethodValve"
* allow="comma-separated-string" deny="comma-separated-string" />
*
* where comma-separated-string is a list of HTTP methods (uppercase) separated
* by commas.
*
* Example: To disable PUT and DELETE methods on a standalone Tomcat 5 server,
*
* <Engine ...> <!-- or <Host> --> <Valve
* className="org.apache.catalina.valves.HttpMethodValve" deny="PUT,DELETE" />
* </Engine>
*
* @author Mark Anderson
* @version $Revision: 1.0 $ $Date: 2004/12/27 13:56:21 $
*/
public final class HttpMethodValve extends RequestFilterValve {
// ----------------------------------------------------- Instance Variables
/**
* The descriptive information related to this implementation.
*/
private static final String info = "org.apache.catalina.valves.HttpMethodValve/1.0";
// ------------------------------------------------------------- Properties
/**
* Return descriptive information about this Valve implementation.
*/
public String getInfo() {
return (info);
}
// --------------------------------------------------------- Public Methods
/**
* Extract the desired request property, and pass it (along with the
* specified request and response objects) to the protected
* <code>process()</code> method to perform the actual filtering. This
* method must be implemented by a concrete subclass.
*
* @param request
* The servlet request to be processed
* @param response
* The servlet response to be created
* @param context
* The valve context used to invoke the next valve in the current
* processing pipeline
*
* @exception IOException
* if an input/output error occurs
* @exception ServletException
* if a servlet error occurs
*/
public void invoke(Request request, Response response)
throws IOException, ServletException {
ServletRequest sreq = request.getRequest();
if (sreq instanceof HttpServletRequest) {
HttpServletRequest hreq = (HttpServletRequest) sreq;
process(hreq.getMethod(), request, response);
}
}
}
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.valves.RequestFilterValve;
/**
* Concrete implementation of <code>RequestFilterValve</code> that filters
* HTTP requests based upon the string representation of the request method.
*
* in server.xml: <Valve className="org.apache.catalina.valves.HttpMethodValve"
* allow="comma-separated-string" deny="comma-separated-string" />
*
* where comma-separated-string is a list of HTTP methods (uppercase) separated
* by commas.
*
* Example: To disable PUT and DELETE methods on a standalone Tomcat 5 server,
*
* <Engine ...> <!-- or <Host> --> <Valve
* className="org.apache.catalina.valves.HttpMethodValve" deny="PUT,DELETE" />
* </Engine>
*
* @author Mark Anderson
* @version $Revision: 1.0 $ $Date: 2004/12/27 13:56:21 $
*/
public final class HttpMethodValve extends RequestFilterValve {
// ----------------------------------------------------- Instance Variables
/**
* The descriptive information related to this implementation.
*/
private static final String info = "org.apache.catalina.valves.HttpMethodValve/1.0";
// ------------------------------------------------------------- Properties
/**
* Return descriptive information about this Valve implementation.
*/
public String getInfo() {
return (info);
}
// --------------------------------------------------------- Public Methods
/**
* Extract the desired request property, and pass it (along with the
* specified request and response objects) to the protected
* <code>process()</code> method to perform the actual filtering. This
* method must be implemented by a concrete subclass.
*
* @param request
* The servlet request to be processed
* @param response
* The servlet response to be created
* @param context
* The valve context used to invoke the next valve in the current
* processing pipeline
*
* @exception IOException
* if an input/output error occurs
* @exception ServletException
* if a servlet error occurs
*/
public void invoke(Request request, Response response)
throws IOException, ServletException {
ServletRequest sreq = request.getRequest();
if (sreq instanceof HttpServletRequest) {
HttpServletRequest hreq = (HttpServletRequest) sreq;
process(hreq.getMethod(), request, response);
}
}
}