My Oracle Support Banner

What Should be Returned for OPTIONS Method After It Was Disabled (Doc ID 2487457.1)

Last updated on SEPTEMBER 17, 2021

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

<Document 1076314.1> shows how to restrict the access to HTTP methods such as OPTIONS or DELETE using security constraints in the {application_name}/WEB-INF/web.xml. After it's done, user will get response of "401 Unauthorized" when attempting to access application with HTTP methods that was restricted.

To provide end user friendly experience, "401 Unauthorized" error page was expected to be replaced with a customized page. It could be implemented in {application_name}/WEB-INF/web.xml with below setting:

Changes

 Restrict HTTP method of "OPTIONS" as  <Document 1076314.1> described

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.