1. 技术文章
  2. How to make Apache Tomcat accept DELETE method

How to make Apache Tomcat accept DELETE method

坚强是说给别人听的谎言 提交于 2019-11-26 20:57:28

问题


I'm working on a project of RESTful web services, i'm using Apache Tomcat and JAX-RS.

I want to accept DELETE requests from client but whenever i send a DELETE request from Advanced REST client Chrome plugin it gives response code 403 Forbidden.

So how can i make Apche Tomcat accept DELETE request?


回答1:


Tomcat was blocking DELETE methods for me because of my CORS filters.

I needed new filters registered in my web.xml file. Here's an example of a very permissive one:

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.headers</param-name>
        <param-value>Accept,Accept-Encoding,Accept-Language,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Connection,Content-Type,Host,Origin,Referer,Token-Id,User-Agent, X-Requested-With</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>



回答2:


Here are the reasons why you can get a 403 Forbidden from Tomcat for a DELETE request:

On each HTTP DELETE request processed by this servlet, the following processing shall be performed:

  • If modifications to the static resources are not allowed (set by a configuration parameter), return HTTP status 403 (forbidden).

  • If an attempt is made to delete a resource from /META-INF or /WEB-INF, return HTTP status 403 (forbidden).

  • If the requested resource does not exist, return HTTP status 404 (not found)

  • Unbind the resource from the directory context containing the static resources for this web application. If successful, return HTTP status 204 (no content). Otherwise, return HTTP status 405 (method not allowed).

Source: http://tomcat.apache.org/tomcat-5.5-doc/catalina/funcspecs/fs-default.html

Make sure you adhere to the tomcat specifications to avoid any problem.




回答3:


One more suggestion, double check the URL of your call and make sure it points to your intended servlet.

I got the same error when I mistyped a service URL in my code. I had api/roles/Service/roles when I needed api/rolesService/roles, fixing the typo resolved the error.You would expect a 404, but with DELETE on Tomcat, you get a 403.




回答4:


To enable other http methods in tomcat, configure in web.xml

<servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param>
        <param-name>debug</param-name>
        <param-value>0</param-value>
    </init-param>
    <init-param>
        <param-name>listings</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>readonly</param-name>
        <param-value>false</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

Parameters debug and listings are loaded by default in tomcat, while the default readonly is true, meaning that only GET and POST are available.

Other params available are:

     debug               Debugging detail level for messages logged     
                         by this servlet.  [0]                          

     fileEncoding        Encoding to be used to read static resources   
                         [platform default]                             

     input               Input buffer size (in bytes) when reading      
                         resources to be served.  [2048]                

     listings            Should directory listings be produced if there 
                         is no welcome file in this directory?  [false] 
                         WARNING: Listings for directories with many    
                         entries can be slow and may consume            
                         significant proportions of server resources.   

     output              Output buffer size (in bytes) when writing     
                         resources to be served.  [2048]                

     readonly            Is this context "read only", so HTTP           
                         commands like PUT and DELETE are               
                         rejected?  [true]                              

     readmeFile          File to display together with the directory    
                         contents. [null]                               

     sendfileSize        If the connector used supports sendfile, this  
                         represents the minimal file size in KB for     
                         which sendfile will be used. Use a negative    
                         value to always disable sendfile.  [48]        

     useAcceptRanges     Should the Accept-Ranges header be included    
                         in responses where appropriate? [true]


来源:https://stackoverflow.com/questions/17853812/how-to-make-apache-tomcat-accept-delete-method

标签
java
tomcat7
jax-rs
http-status-code-403
http-delete
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!