【问题描述】

PAS如何禁用WebDAV或者禁用不安全的HTTP方法

【解决方案】

以hello应用为例，hello应用部署在默认实例server上端口为8080。

配置步骤：

1、停止PAS
2、修改 {PAS安装目录}/pas6/pas/domains/domain1/config/default-web.xml
   在 <welcome-file-list>和<login-config>之间增加如下配置（注：禁用方法根据实际情况配置）：
   <security-constraint>
    <web-resource-collection>
        <web-resource-name>fortune</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>PUT</http-method>
        <http-method>MOVE</http-method>
        <http-method>COPY</http-method>
        <http-method>DELETE</http-method>
        <http-method>PROPFIND</http-method>
        <http-method>SEARCH</http-method>
        <http-method>MKCOL</http-method>
        <http-method>LOCK</http-method>
        <http-method>UNLOCK</http-method>
        <http-method>PROPPATCH</http-method>
        <http-method>HEAD</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
    </web-resource-collection>
    <auth-constraint></auth-constraint>
</security-constraint>

3、启动PAS

4、使用 curl -X OPTIONS http://localhost:8080 -I  命令测试