How to explicitly block HTTP method PUT or DELETE from Tomcat used by catalog ?