Matthew,
Looks like a little bug on solr. In jetty 9.1.something we changed the definition of the webdefault.xml file to avoid the "Uncovered http methods" warning. This is related to the security-constraint for the TRACE method. We used to have:
<security-constraint>
<web-resource-collection>
<web-resource-name>Disable TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint/>
</security-constraint>
Which meant that according to the servlet spec there were indeed uncovered methods.
<security-constraint>
<web-resource-collection>
<web-resource-name>Disable TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint/>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Enable everything but TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method-omission>TRACE</http-method-omission>
</web-resource-collection>
</security-constraint>
However, I notice that solr has the old definition in their etc/webdefault.xml file, and they have chosen to add the extra definition only to the web.xml file of their solr-webapp.
So the easiest thing for you to do is:
1. copy the extra security-constraint into the etc/webdefault.xml file so it applies to all webapps
2. let solr know :)
cheers
Jan