Security Monitor

Table of Contents

• Security Monitor
  • Overview
  • Checks
  • Fixing Security Issues
  • Firewalld
  • InfoPage
  • Demo Directory
  • Password Encryption
  • ipAddressesAllowed

Overview

Click the Security tab to open the Security Checks page.

This will open the screen below.

Checks

The security page evaluates five checks and provides fixes if check fails.

• Firewalld status
• InfoPage status
• Demo directory status
• Password encryption status
• ipAddressesAllowed status

Fixing Security Issues

Whether or not you elect to fix an issue is up to you.

To fix a security issue, simply click the “Fix Now” button as shown.

Firewalld

It’s important to limit the IPs that have access to your JRI instance to the database(s) being served.

InfoPage

The info page shows important information and should be disabled.

Clicking the Fix Now button will disable the page in your application.properties file.

Demo Directory

The demo directory should be deleted in production environments.

Password Encryption

Clicking the button will encrypt all un-encrypted passwords in your application.properties file.

Whenever a new password is added via a Data Source, you can encrypt via this location.

Note

You may see an error displayed: ERROR StatusLogger No log4j2 configuration file found. Using default configuration… The error is due to configuration and does not effect encryption.

ipAddressesAllowed

Restrict access to JRI based on IP address

Note

Each time a Data Source password is added via the Data Source tab, you will see the status for password encryption change.

Please see https://github.com/daust/JasperReportsIntegration#security for additional information.