按网上的方法,在web.xml文件中增加了禁用非Post、get方法后
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint>
</auth-constraint>
</security-constraint>
测试一直没有生效。后来无意中发现,这段代码是插在web.xml中间的,必须要放在最后面才可行!!!