Good Morning!
In the report export process, it has been identified that the application is including the connection user and password in the exported files. This practice is a violation of the Brazilian General Law on Personal Data Protection (LGPD), as it exposes sensitive user information and poses a security risk.
In light of this, steps must be taken to ensure compliance with the LGPD. It is recommended that this information be encrypted or deleted from the export files so that end users do not have access to this sensitive data.
Attached is a printout illustrating the identified situation.
Should you require any further information or clarification, please feel free to contact us.
Sincerely
Report Export
-
- Posts: 53
- Joined: Mon May 30, 2022 7:35 pm
Report Export
- Attachments
-
- password.png (28.6 KiB) Viewed 7668 times
-
- Posts: 6245
- Joined: Tue Mar 20, 2018 5:34 am
Re: Report Export
Hello,
You can remove the connection string from the report and set it before the report rendering from the code.
Thank you.
You can remove the connection string from the report and set it before the report rendering from the code.
Thank you.
-
- Posts: 53
- Joined: Mon May 30, 2022 7:35 pm
Re: Report Export
Hello, good afternoon!
What connection string would that be?
Because when you export a report, it makes the connection to ElasticAPM. This library being impossible to mess with.
Sincerely
What connection string would that be?
Because when you export a report, it makes the connection to ElasticAPM. This library being impossible to mess with.
Sincerely
Re: Report Export
Hello.
You can clear connection string on save report & setup it before render.
You can clear connection string on save report & setup it before render.
Code: Select all
((StiSqlDatabase) report.getDictionary().getDatabases().get(0)).setConnectionString(value)