Hello Professional Sun Users,
According to
http://web.archive.org/web/20041204161933/http://sunsolve.sun.com/search/document.do?assetkey=1-26-57670-1
we can disable the HTTP TRACE by adding the following lines of code into obj.conf:
[code]
<Client method="TRACE">
AuthTrans fn="set-variable" remove-headers="transfer-encoding" set-headers="content-length: 20114-1" error="501"
</Client>
[/code]
However, it was not working as expected. Please find the result below:
[code]
$ telnet localhost 81
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
TRACE / HTTP/1.1
Host: test
HTTP/1.1 413 Request Entity Too Large
Server: Sun-ONE-Application-Server/7.0.0_01
Date: Tue, 06 Jan 2009 13:47:49 GMT
Content-length: 168
Content-type: text/html
Connection: close
<HTML><HEAD><TITLE>Request Entity Too Large</TITLE></HEAD>
<BODY><H1>Request Entity Too Large</H1>
A request entity is longer than the server can handle.
</BODY></HTML>Connection closed by foreign host.
[/code]
Below is my obj.conf:
[code]
# Sun Microsystems, Inc. - obj.conf
# You can edit this file, but comments and formatting changes
# might be lost when the admin server makes changes.
# Use only forward slashes in pathnames--backslashes can cause
# problems. See the documentation for more information.
<Object name="default">
<Client method="TRACE">
AuthTrans fn="set-variable" remove-headers="transfer-encoding" set-headers="content-length: 28731-1" error="501"
</Client>
AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
NameTrans fn="ntrans-j2ee" name="j2ee"
NameTrans fn="pfx2dir" from="/mc-icons" dir="D:/Sun/AppServer7/lib/icons" name="es-internal"
NameTrans fn="document-root" root="$docroot"
PathCheck fn="nt-uri-clean"
PathCheck fn="find-pathinfo"
PathCheck fn="find-index" index-names="index.html,home.html"
PathCheck fn="check-acl" acl="default"
ObjectType fn="type-by-extension"
ObjectType fn="force-type" type="text/plain"
Service method="(GET|HEAD)" type="magnus-internal/imagemap" fn="imagemap"
Service method="(GET|HEAD)" type="magnus-internal/directory" fn="index-common"
Service method="(GET|HEAD|POST)" type="*~magnus-internal/*" fn="send-file"
Error fn="error-j2ee"
AddLog fn="flex-log" name="access"
</Object>
<Object name="j2ee">
ObjectType fn="force-type" type="text/html"
Service fn="service-j2ee" method="*"
</Object>
<Object name="cgi">
ObjectType fn="force-type" type="magnus-internal/cgi"
Service fn="send-cgi"
</Object>
<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"
</Object>
[/code]
and my server1-obj.conf:
[code]
# Use only forward slashes in pathnames--backslashes can cause
# problems. See the documentation for more information.
<Object name="default">
<Client method="TRACE">
AuthTrans fn="set-variable" remove-headers="transfer-encoding" set-headers="content-length: 28731-1" error="501"
</Client>
AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
NameTrans fn="ntrans-j2ee" name="j2ee"
NameTrans fn=pfx2dir from=/mc-icons dir="D:/Sun/AppServer7/lib/icons" name="es-internal"
NameTrans fn=document-root root="$docroot"
PathCheck fn=nt-uri-clean
PathCheck fn="check-acl" acl="default"
PathCheck fn=find-pathinfo
PathCheck fn=find-index index-names="index.html,home.html"
ObjectType fn=type-by-extension
ObjectType fn=force-type type=text/plain
Service method=(GET|HEAD) type=magnus-internal/imagemap fn=imagemap
Service method=(GET|HEAD) type=magnus-internal/directory fn=index-common
Service method=(GET|HEAD|POST) type=*~magnus-internal/* fn=send-file
Error fn="error-j2ee"
AddLog fn=flex-log name="access"
</Object>
<Object name="j2ee">
ObjectType fn=force-type type=text/html
Service fn="service-j2ee" method="*"
</Object>
<Object name="cgi">
ObjectType fn=force-type type=magnus-internal/cgi
Service fn=send-cgi
</Object>
<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"
</Object>
[/code]
On the other hand, I also tried another alternative, which is:
http://blogs.sun.com/meena/entry/disabling_trace_in_sun_java
whereby I added the following code to both my generated.server1.acl and genwork.server1.acl:
[code]
deny absolute (http_trace, http_put, http_delete, http_move, http_mkdir, http_rmdir) user="anyone";
[/code]
Again, it was not working as expected. Please find my result below:
[code]
$ telnet localhost 81
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
TRACE / HTTP/1.1
Host: foo
HTTP/1.1 413 Request Entity Too Large
Server: Sun-ONE-Application-Server/7.0.0_01
Date: Tue, 06 Jan 2009 14:23:47 GMT
Content-length: 168
Content-type: text/html
Connection: close
<HTML><HEAD><TITLE>Request Entity Too Large</TITLE></HEAD>
<BODY><H1>Request Entity Too Large</H1>
A request entity is longer than the server can handle.
</BODY></HTML>Connection closed by foreign host.
[/code]
[code]
$ telnet localhost 81
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
OPTIONS / HTTP/1.0
HTTP/1.1 200 OK
Server: Sun-ONE-Application-Server/7.0.0_01
Date: Tue, 06 Jan 2009 14:24:45 GMT
Content-length: 0
Content-type: magnus-internal/directory
Allow: HEAD, GET
Connection: close
Connection closed by foreign host.
[/code]
my generated.server1.acl file:
[code]
version 3.0;
acl "es-internal";
deny absolute (http_options, http_trace, http_put, http_delete, http_move, http_mkdir, http_rmdir) user="anyone";
deny absolute (http_options, http_trace, http_put, http_delete, http_move, http_mkdir, http_rmdir) user="all";
acl "default";
authenticate (user,group) {
prompt = "=";
};
deny absolute (all) user="all";
deny absolute (all) user="anyone";
[/code]
and my genwork.server1.acl file:
[code]
version 3.0;
acl "es-internal";
deny absolute (http_options, http_trace, http_put, http_delete, http_move, http_mkdir, http_rmdir) user="anyone";
deny absolute (http_options, http_trace, http_put, http_delete, http_move, http_mkdir, http_rmdir) user="all";
acl "default";
authenticate (user,group) {
prompt = "=";
};
deny absolute (all) user="all";
deny absolute (all) user="anyone";
[/code]
Could anyone advise what I have done wrong?
Thank you
[Message sent by forum member 'draggy' (draggy)]
http://forums.java.net/jive/thread.jspa?messageID=324271
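
A repeatable version of the telnet checks in the post above, as an added example that is not part of the original message: it sends TRACE with a marker header, classifies the response by whether the request is reflected back to the client, and reads the Allow header of an OPTIONS reply. The marker header, the function names and the echoing sample response are assumptions made for illustration; the 413 and OPTIONS samples are adapted from the transcripts in the post.

```python
import socket

CANARY = "X-Trace-Probe: canary-7f3a"  # constructed marker header (assumption)

def build_probe(host, method="TRACE"):
    """Raw request equivalent to the one typed into telnet, plus a marker header."""
    return (f"{method} / HTTP/1.1\r\nHost: {host}\r\n{CANARY}\r\n"
            "Connection: close\r\n\r\n").encode("ascii")

def parse_response(raw):
    """Split a raw HTTP response into (status, lowercase-header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers, body

def classify_trace(raw):
    """TRACE is live only if the server reflects the request back to the client."""
    status, _, body = parse_response(raw)
    echoed = CANARY.encode("ascii") in body
    if echoed:
        return "enabled" if 200 <= status < 300 else "reflected-in-error"
    return "rejected" if status >= 400 else "inconclusive"

def allowed_methods(raw):
    """Methods advertised in the Allow header of an OPTIONS response."""
    _, headers, _ = parse_response(raw)
    return {m.strip().upper() for m in headers.get("allow", "").split(",") if m.strip()}

def probe(host, port, method="TRACE", timeout=5.0):
    """Send the probe to a server you administer and return the raw response."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_probe(host, method))
        chunks = []
        while (data := s.recv(4096)):
            chunks.append(data)
    return b"".join(chunks)

# Samples adapted from the transcripts in the post (CRLF restored), plus one
# constructed response from a server that does echo TRACE.
RESP_413 = (b"HTTP/1.1 413 Request Entity Too Large\r\n"
            b"Content-type: text/html\r\nConnection: close\r\n\r\n"
            b"<HTML><BODY><H1>Request Entity Too Large</H1></BODY></HTML>")
RESP_OPTIONS = b"HTTP/1.1 200 OK\r\nContent-length: 0\r\nAllow: HEAD, GET\r\nConnection: close\r\n\r\n"
RESP_ECHO = b"HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n" + build_probe("test")
```

Against a live server you administer, `classify_trace(probe("localhost", 81))` runs the same check as the telnet session.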