By default, JasperReports Server displays stack traces in certain error messages. Stack traces reveal some information about the application, and security experts recommend that an application not display them.
The following setting turns off stack traces in error messages. However, more serious error messages still display Java exceptions without the stack trace.
Hiding Stack Trace Messages | ||
Configuration File | ||
.../WEB-INF/applicationContext-security-web.xml | ||
Property | Bean | Description |
showStacktrace | webAppSecurity | Set this value to false to prevent stack traces from appearing in error messages. |
Restart your application server or redeploy the JasperReports Server web app for this change to take effect.
Recommended Comments
There are no comments to display.