What Should be Returned for OPTIONS Method After It Was Disabled
(Doc ID 2487457.1)
Last updated on AUGUST 17, 2023
Applies to:
Oracle WebLogic Server - Version 10.3.6 and laterInformation in this document applies to any platform.
Symptoms
<Document 1076314.1> shows how to restrict the access to HTTP methods such as OPTIONS or DELETE using security constraints in the {application_name}/WEB-INF/web.xml. After it's done, user will get response of "401 Unauthorized" when attempting to access application with HTTP methods that was restricted.
To provide end user friendly experience, "401 Unauthorized" error page was expected to be replaced with a customized page. It could be implemented in {application_name}/WEB-INF/web.xml with below setting:
Changes
Restrict HTTP method of "OPTIONS" as <Document 1076314.1> described
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |