My Oracle Support Banner

What Should be Returned for OPTIONS Method After It Was Disabled (Doc ID 2487457.1)

Last updated on AUGUST 17, 2023

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.


<Document 1076314.1> shows how to restrict the access to HTTP methods such as OPTIONS or DELETE using security constraints in the {application_name}/WEB-INF/web.xml. After it's done, user will get response of "401 Unauthorized" when attempting to access application with HTTP methods that was restricted.

To provide end user friendly experience, "401 Unauthorized" error page was expected to be replaced with a customized page. It could be implemented in {application_name}/WEB-INF/web.xml with below setting:


 Restrict HTTP method of "OPTIONS" as  <Document 1076314.1> described


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.