按網上的方法,在web.xml文件中增加了禁用非Post、get方法后
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint>
</auth-constraint>
</security-constraint>
測試一直沒有生效。后來無意中發現,這段代碼是插在web.xml中間的,必須要放在最后面才可行!!!