Table of Contents
The security page evaluates five checks and provides fixes if check fails.
- Firewalld status
- InfoPage status
- Demo directory status
- Password encryption status
- ipAddressesAllowed status
Fixing Security Issues¶
Whether or not you elect to fix an issue is up to you.
To fix a security issue, simply click the “Fix Now” button as shown.
It’s important to limit the IPs that have access to your JRI instance to the database(s) being served.
The info page shows important information and should be disabled.
Clicking the Fix Now button will disable the page in your application.properties file.
The demo directory should be deleted in production environments.
Clicking the button will encrypt all un-encrypted passwords in your application.properties file.
Whenever a new password is added via a Data Source, you can encrypt via this location.
You may see an error displayed: ERROR StatusLogger No log4j2 configuration file found. Using default configuration… The error is due to configuration and does not effect encryption.
Restrict access to JRI based on IP address
Each time a Data Source password is added via the Data Source tab, you will see the status for password encryption change.
Please see https://github.com/daust/JasperReportsIntegration#security for additional information.