Poking around the code, it looks like there is no way to configure this without a code change.
Reading the following post, http://jetty.4.x6.nabble.com/Disable-HTTP-TRACE-in-Jetty-5-x-td12964.html, it seems it may not be necessary though. The TRACE method by default, while enabled, does not return content. Can you test and see if that satisfies the security issue? If disabling TRACE is needed, and my analysis of the need for a code change is correct, then a jira entry would be the next best step. -- View this message in context: http://activemq.2283324.n4.nabble.com/how-to-disable-TRACE-method-on-port-61614-tp4680056p4680088.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.