Hiding Stack Trace Messages

By default, JasperReports Server displays stack traces in certain error messages. Stack traces reveal some information about the application, and security experts recommend that an application not display them.

The following setting turns off stack traces in error messages. However, more serious error messages still display Java exceptions without the stack trace.

Hiding Stack Trace Messages

Configuration File

.../WEB-INF/applicationContext-security-web.xml

Property

Bean

Description

showStacktrace
Message

webAppSecurity
Filter

Set this value to false to prevent stack traces from appearing in error messages.

Restart your application server or redeploy the JasperReports Server web app for this change to take effect.

Version: 
Feedback
randomness