tags:

views:

117

answers:

2
Q: 

Turn off TRACE in GlassFish v2

I need to turn off TRACE to help close XST security vulnerabilities. I've been looking, nothing obvious so far. Any help?

A: 

set enableTrace to false in http-service

bmw0128  2009-12-03 23:18:00
+1  A: 

"set enableTrace to false in http-service" matches Jeanfrancois Arcand's answer. JFA's answer has the 'syntax'. You will need to make the change in the domain.xml file. That file is in the config directory of your domain. The path to that file is (typically) GFINSTALL/domains/domain1/config/domain.xml

vkraemer  2009-12-11 23:56:12

related questions

Can I connect to SQL Server using Windows Authentication from Java EE webapp?
Retrieve list of defined roles in java ee 5
Is the offical Sun Java EE tutorial the best way to learn how to make Java web apps?
Top reason not to use EJB 3.0 again?
JMS message receiver filtering by JMSCorrelationID
What is the default session timeout for a Java EE website?
Servlet for serving static content
Are EJB still alive ?
what is j2ee/jee?
EJB3 Transaction Propogation
Most important problem solved by EJB 3?
Which EJB 3 persisent provider should I use?
Hosting control panel with JEE Application Server support?
What is the best place to store a configuration file in a java web application (war) ?
Mixing EJB 2.x BMP entity beans with Hibernate 3.x
JEE SqlResultSetMapping Syntax problem?
Is there a simpler way to deploy to WebSphere?
Tomcat vs Weblogic JNDI Lookup
Any data-driven open source JEE5 EJB3+JSF Sample Project out there?
data 'security' with java and hibernate
JSF Lifecycle and Custom components
Are there any alternatives to Gigaspaces?
Are there any studies comparing JEE vs. .NET?
How can I override an EJB 3 session bean method with a generic argument - if possible at all?
What's your "best practice" for the first Java EE Spring project?