Advanced Security options

Hiding error stacks

By default, the DSS backend sends backend error stacks to logged-in users. This makes debugging and understanding easier.

This behavior can be disabled in the following way:

  • Stop DSS
    ./bin/dss stop
  • Edit the config/general-settings.json file
  • Locate the “security” top-level key in the JSON file. If it does not exist, create it as an empty JSON object
  • Within “security”, add or edit the following key: "hideErrorStacks" : true
  • Start DSS
    ./bin/dss start

Hiding version info

By default, the DSS backend sends DSS version information, even to users who are not logged in.

This behavior can be disabled in the following way:

  • Stop DSS
    ./bin/dss stop
  • Edit the config/general-settings.json file
  • Locate the “security” top-level key in the JSON file. If it does not exist, create it as an empty JSON object
  • Within “security”, add or edit the following key: "hideVersionStringsWhenNotLogged" : true
  • Start DSS
    ./bin/dss start
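
The edit step of the two procedures above, combined into one script. This is an added example, not part of the DSS distribution: it creates the "security" object if it is missing, sets both keys to true, leaves every other setting untouched, keeps a backup copy and replaces the file atomically. The function names and the .bak suffix are assumptions; run it as the DSS user between ./bin/dss stop and ./bin/dss start.

```python
import json
import os
import shutil
import sys
import tempfile

# The two keys documented on this page; both go under the "security" object.
HARDENING_KEYS = ("hideErrorStacks", "hideVersionStringsWhenNotLogged")


def harden_settings(settings):
    """Return (updated_settings, changed_keys) without mutating the input."""
    updated = json.loads(json.dumps(settings))  # deep copy, keeps key order
    # Create "security" as an empty JSON object if it does not exist.
    security = updated.setdefault("security", {})
    if not isinstance(security, dict):
        raise ValueError('"security" must be a JSON object')
    changed = [k for k in HARDENING_KEYS if security.get(k) is not True]
    for key in changed:
        security[key] = True
    return updated, changed


def harden_file(path):
    """Apply harden_settings to a general-settings.json file (DSS stopped)."""
    with open(path, encoding="utf-8") as fh:
        settings = json.load(fh)  # fails loudly on malformed JSON
    updated, changed = harden_settings(settings)
    if not changed:
        return changed  # already hardened: leave the file alone
    shutil.copy2(path, path + ".bak")  # assumption: backup suffix
    # Write to a temp file in the same directory, then rename over the
    # original so an interrupted run never leaves a half-written config.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(updated, fh, indent=2)
        fh.write("\n")
    shutil.copymode(path, tmp)  # keep the original permission bits
    os.replace(tmp, path)
    return changed


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "config/general-settings.json"
    print("keys changed:", harden_file(target))
```
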

Example general-settings.json file

With the previous two options enabled, your general-settings.json could look like:

{
  "udr": true,
  "proxySettings": {
    "port": 0
  },
  "mailSettings": {},
  "maxRunningActivitiesPerJob": 5,
  "maxRunningActivities": 5,
  "ldapSettings": {
    "enabled": false,
    "useTls": false,
    "userFilter": "(\u0026(objectClass\u003dposixAccount)(uid\u003d{USERNAME}))",
    "displayNameAttribute": "cn",
    "emailAttribute": "mail",
    "enableGroups": true,
    "groupFilter": "(\u0026(objectClass\u003dposixGroup)(memberUid\u003d{USERNAME}))",
    "groupNameAttribute": "cn",
    "autoImportUsers": true
  },
  "computablesAvailabilityMode": "EXPOSED_ONLY",
  "globalCrossProjectBuildBehaviour": "STOP_AT_BOUNDARIES",
  "noLoginMode": false,
  "sessionsMaxTotalTimeHours": 0,
  "sessionsMaxIdleTimeHours": 0,
  "security" : {
    "hideVersionStringsWhenNotLogged" : true,
    "hideErrorStacks" : true,
    "secureCookies" : true
  }
}