I've been learning Java for about a month now, and not very familiar with a client/server situation like this one.
Basically I ran into a situation where our client java software (GUI) displayed a nullpointerexception popup but no stack trace on the client side. Someone had to go check the server side for the stack trace.
My question is, shouldn't the client side receive this precious information as well? Are situations like that ok, the rationale being one only needs one copy of the stack trace?
Not really. It is not recommended to show the way your app works from behind to the client. Mainly for security reasons. Your stacktrace shows all the objects being called, methods and if compiled with debug info, even lines. That's too much information for the client, it is ok to have it on the server.
This among SQL injection, Cross side script and others that I cannot remember, improper exception handling is a security vulnerability.
EDIT:
Here are other vulnerabilities ( although I don't see this one listed :( )
http://en.wikipedia.org/wiki/Vulnerability_(computing)
The client only needs to know hat it needs to know.
In alot of cases it perfectly fine to not show any stacktraces on your client.
Your users should get clear error messages but dont care about a stacktrace.
For debugging purposes a stacktrace is generally lost anyway, application gives errors, users restart it and gone is any excpetion, so if you need to know the errors use a logging framework.
Related
I am trying to elaborate SIP messages coming to an Asterisk server and edit them on the fly using Java.
AMI is supposed to work fine with that. Although I can't send any SIP messages though the socket, cause every-time I tried to edit chan_sip.c the server breaks down. So I haven't find a way to access this information from other classes of the manager. I don't want to save those information to a file or database cause this will delay the whole process.
Using Kamailio is not an option cause I want to make a comparison of both solutions so I need Asterisk.
Is there any path I should follow to get this done? I can't figure why editing chan_sip.c bothers Asterisk making him nonfunctional..
Seams like no way with your qualification. Task seams really complex for me(i have more then 10 years experience, including asteirsk internal and c/c++ programming).Try do that using dialplan only
Edited note: FYI, application extensively muti-threaded based desgined so may be something wrong in code. I need some time to trace code and get back in details.
thanks.
I am working on a java ee web application in NetBeans. I am trying to debug the behavior of the application but the behavior I'm seeing is confusing.
I am running the application through NetBeans in Tomcat. Within NetBeans, I select "Debug" from the root of the Project Tree and I can send one request to the application I've written. Breakpoints are hit and I get unique results from the application.
However, every subsequent time I try to send a request to my application, I get the exact same incorrect result (even if I clear the cache on Chrome) and the Netbeans IDE doesn't stop at any of the defined breakpoints. Is this to be expected? Does a Servlet get mangled in memory once it runs through the debugger once? Do I need to stop and restart/reattach the NetBeans debugger every time I want to debug the application? Is there something I'm doing wrong when using the debugger? Does this indicate a problem with the code I've written in my Servlet?
Thanks,
Jason Mazzotta
rjsang's point on the cache might be valid, and is worth investigating.
However, it might also be that something is breaking earlier than you expect, causing you to never even reach the break pointed lines.
I would suggest:
Look into liberally sprinkling your code with debug logging statements (using a good logging framework such as Log4J with SLF4j)
Throw more breakpoints at the problem - start with the very first line you expect to be hit from your request. And the go even higher/earlier, if possible.
Tail that Tomcat log (catalina.out) - you might spot something catastrophic happening there.
Good luck.
Hí,
I'm doing my second App, and The second one is a little bit complex, it's backup tool.
In some devices works perfect in others not.
I would like if is there a way to do my own Exceptions catcher to my server or log cats or smth, and receive them, and known if my app needs some fix or not etc.
Greetens and thanks
David
As pointed out, you can use ACRA. The site states:
Acra catches exceptions, retrieves lots of context data and send them
to the backend of your choice.
and that is what you seem to need. The Quick Setup Guide is there on the homepage itself.
You can also look into BugSense which you can use as a back end for your ACRA.
If you are using ACRA, you can use BugSense as your backend.
The only change you need to do is specify in formUri BugSense's url
and your API key:
#ReportsCrashes(formUri =
"http://www.bugsense.com/api/acra?api_key=YOUR_API_KEY", formKey="")
I'm currently maintaining a Desktop Java application that has a small to medium user base. I often get some pretty useless mails saying that "something went wrong" and I'm left digging through the source code, often unable to reproduce the problem.
Now I'm wondering if there is a library that would allow me to collect Exceptions when they happen, present a small dialog to the users and if/when they agree, post the stack trace to my webserver. Basically what I'm looking for is something similar to Application Crash Report for Android (ACRA), but for desktop Java applications.
If you are using SLF4J and Logback, you can configure an appender to send detailed error reports to a Ctrlflow Automated Error Reporting server (which offers filtering and aggregation of incoming reports + dashboards + email digest). This blog post has all the information on how to configure Logback accordingly.
If you want to present your user with a confirmation dialog first, you may have to extend the existing appender, though – unless your “Desktop Java application” is an “Eclipse Rich Client Platform applications.” In that case the work has already been done for you. See this webinar for more information.