We are using Glassfish 2.1.1 and 18.104.22.168. We have attempted to disable these HTTP methods using "traceEnabled=false" and nothing is working. The results of doing HTTP OPTIONS is always showing these methods.
> OPTIONS / HTTP/1.1
> User-Agent: curl/7.31.0
> Accept: */*
< HTTP/1.1 200 OK
< X-Powered-By: Servlet/2.5
* Server Sun GlassFish Enterprise Server v2.1.1 is not blacklisted
< Server: Sun GlassFish Enterprise Server v2.1.1
< Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
< Content-Type: text/html; charset=iso-8859-1
< Content-Length: 0
< Date: Thu, 11 Jul 2013 16:07:57 GMT
We are looking for step-by-step instructions to configure each version of Glassfish to disable PUT, DELETE and TRACE methods.