In the case of unexpected errors, most application servers show a default error page. This default error page mostly contains information such as stack traces. Showing full stack traces in a production environment is regarded as a security risk. To avoid this vulnerability, you can configure your own error pages in the web.xml file of your web application. For your convenience, the product contains a ready-to-use error handling servlet. The following example shows how to configure this servlet in the web.xml file:

<servlet id="DefaultErrorHandler">
         <servlet-name>DefaultErrorHandler</servlet-name>
         <servlet-class>com.softwareag.cis.server.DefaultErrorServlet</servlet-class>
</servlet>
 
<servlet-mapping>
     <servlet-name>DefaultErrorHandler</servlet-name>
     <url-pattern>/DefaultErrorHandler</url-pattern>
</servlet-mapping>
 
<error-page>
      <exception-type>java.lang.Throwable</exception-type >
      <location>/DefaultErrorHandler</location>
</error-page>

The following is a sample error page that has been generated by the com.softwareag.cis.server.DefaultErrorServlet:

As an alternative to this default error handling servlet, you can add your own error handling servlets and/or error pages.