It is working fine in GlassFish v3 web container.
Do you have any web application deployed in your server?
If not, then it is related to
https://glassfish.dev.java.net/issues/show_bug.cgi?id=11234
If there is at least one web application deployed, then it should be
working fine in GlassFish v3.
Shing Wai Chan
glassfish_at_javadesktop.org wrote:
> I am asking the same old question as solution has not worked with my case.
>
> The question is " How to disable TRACE, PUT, DELETE protocols in Glassfish V3 prelude?
>
> Through admin gui console I added "traceEnabled" property and set its value "false" under http-listener. It is not working . The Nikto is showing message like
> -------------------------------
> OSVDB-0 : Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
> ---------------------------------
>
> Then I found "domain.xml" file under .../lib/templets folder. I manually added the following entry under <http-service>
>
> ------------------------------------------------
> <property value="false" name="traceEnabled" />
> </http-service>
> ------------------------------------------------
> It also not worked as per expectation. NiKto is till showing the message indicating the TRACE is enabled.
>
> Please help
> [Message sent by forum member 'sspadmin' ]
>
> http://forums.java.net/jive/thread.jspa?messageID=374263
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>