Stack Trace Visibility via JNDI lookup

by Bruce on June 7, 2010

We use a JNDI lookup to control whether a stack trace is visible. This lets us show the stack trace in our development and test environments, but not in production. We have Maven deploy the correct catalina.properties for each environment (how that is done is outside the scope of this post). For example, in a test environment catalina.properties.test would be deployed, whereas catalina.properties.prod would be deployed for production. There are other ways to turn stack traces on and off automatically according to your environment. Why not show the stack trace everywhere? Security: hide as much as possible from a potential hacker (besides QA and the security team).

applicationContext.xml

<jee:jndi-lookup jndi-name="ShowStackTrace" id="showStackTrace" />

context.xml
Add this to the Container Resource element:

<Environment name="ShowStackTrace"
             type="java.lang.Boolean"
             value="${screening.showStackTrace}" />

catalina.properties

screening.showStackTrace=false

Finally, have something like this in the JSP configured to display the exception:

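<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%-- showStackTrace comes from the JNDI lookup above. c:out HTML-escapes the
     exception text, which can contain request data. --%>
<c:if test="${showStackTrace}">
    <div id="dev">
        <a href="#" id="exception-toggle">Show stack trace</a>
        <div id="exception" style="display:none;">
            <c:if test="${not empty exception}">
                <h3><c:out value="${exception}"/></h3>
                <p>
                    <c:forEach items="${exception.stackTrace}"
                               var="trace">
                        <c:out value="${trace}"/><br/>
                    </c:forEach>
                </p>
            </c:if>
        </div>
    </div>
</c:if>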
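The same toggle can also be enforced in Java so that a missing or mistyped JNDI entry hides the trace instead of breaking the page. The class below is an added example, not code from the original post: ErrorDetailRenderer, showStackTrace() and render() are hypothetical names, and it assumes the Environment entry is bound under Tomcat's usual java:comp/env/ prefix.

```java
import javax.naming.InitialContext;
import javax.naming.NamingException;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

// Added example (hypothetical class, not from the original post).
public class ErrorDetailRenderer {
    private static final Logger LOG = Logger.getLogger(ErrorDetailRenderer.class.getName());

    // Reads the ShowStackTrace entry from context.xml. Fails closed: a missing
    // binding or a non-Boolean value is treated as "hide the stack trace".
    static boolean showStackTrace() {
        try {
            Object value = new InitialContext().lookup("java:comp/env/ShowStackTrace");
            return Boolean.TRUE.equals(value);
        } catch (NamingException e) {
            LOG.warning("ShowStackTrace not bound, hiding stack traces: " + e);
            return false;
        }
    }

    // Escaping for HTML element content (not attribute values); '&' goes first.
    static String escape(String s) {
        return String.valueOf(s).replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");
    }

    // Always logs the full trace server-side under a reference id, then returns
    // the HTML for the error page: the trace is included only when show is true.
    static String render(Throwable t, boolean show) {
        String ref = UUID.randomUUID().toString();
        LOG.log(Level.SEVERE, "Unhandled exception, ref=" + ref, t);
        StringBuilder html = new StringBuilder("<p>Something went wrong. Reference: " + ref + "</p>");
        if (show) {
            html.append("<h3>").append(escape(t.toString())).append("</h3><p>");
            for (StackTraceElement el : t.getStackTrace()) {
                html.append(escape(el.toString())).append("<br/>");
            }
            html.append("</p>");
        }
        return html.toString();
    }

    public static void main(String[] args) {
        // Constructed input: an exception message carrying markup, as request data might.
        Exception e = new IllegalArgumentException("bad id <script>alert(1)</script>");
        System.out.println(render(e, showStackTrace()));
    }
}
```

Run outside a servlet container, the lookup throws a NamingException, so main prints only the reference line; the full trace still goes to the log under the same id.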
