On 02/15/2013 10:37 PM, Bill Shannon wrote:
> In addition to Ron's proposal that allows application developers to
> choose this behavior, I would be happy to allow the Servlet container
> to have a configurable option to control this behavior. Something like
> this: A Servlet container may provide a configurable option to select
> whether the default behavior for uncovered methods is ALLOW or DENY.
> This option may be configured on a per-application granularity or
> larger. Note that setting this default to DENY may cause some
> applications to fail. I think it's useful to give both administrators
> and application developers control over this behavior.
+1.
I think that's a good compromise. This option would have been
unavoidable in a container like Tomcat, and this clears out a
portability concern.
Rémy