We have a customer requirement to disable some HTTP methods like DELETE and TRACE for some specific services like Oozie. Is this possible to do from Cloudera Manager?
I did try manually changing the web.xml in the configuration directories of the services but any restart or configuration refresh done from Cloudera Manager overrides the configuration changes. Any help would be greatly appreciated.
May I know which particular web.xml did you tweak? I see these xmls gets refreshed on every restart
/var/lib/oozie/tomcat-deployment/conf/web.xml /var/lib/oozie/tomcat-deployment/conf/ssl/ssl-web.xml /var/lib/oozie/tomcat-deployment/webapps/oozie/WEB-INF/web.xml
The script which copies these files is /opt/cloudera/parcels/CDH/lib/oozie/tomcat-deployment.sh which would give you clues on the source files from which the above files gets copied to.
I don't think there is a "simple" method in amabri configurations.
But I would try to look in the web app configuration path, then the web.xml, ssl.xm ... and see if you can intervene at that level.
In other contexts these kinds of limitations were handled "before" they came to the ambari interfaces.