No. By default HTTP Trace is not defined in the Tomcat configurations which, per Tomcat documentation, means it is disabled.
You can verify if this setting has been manually changed in your install of Enforce by following the steps below:
- On the Enforce server, browse to <install root>\Vontu\Protect\tomcat\conf
- Open the file 'server.xml'
- Locate the '<Connector ...>' tag and look for an 'allowTrace' variable
- If there is no 'allowTrace' variable or if it is defined and set to 'false', then HTTP Trace is disabled
- If it exists and is set to 'true', the HTTP Trace method is enabled (this is not the default and would indicate it has been manually changed at some point)
- 'Connector' tag with HTTP Trace explicity enabled:
<Connector URIEncoding="UTF-8" acceptCount="100" clientAuth="false" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="conf/.keystore" keystorePass="protect" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="443" scheme="https" secure="true" sslProtocol="TLS" allowTrace="true" />
WARNING: Modifying the 'server.xml' file in any way will place your install of Enforce in an unsupportable state and could render your server inoperable or unstable.