Whenever Identity Server reports a 500 internal error due to an invalid input, the reason for failure is included in the response and visible on the browser.
This might cause a security issue as intruders can use this information to attack against Identity Server and ESP.
Configure the web.xml file for ESP as follows:
Open the web.xml file.
Update the file as follows:
<welcome-file-list> <welcome-file>index.html</welcome-file> </welcome-file-list> <error-page> <error-code>500</error-code> <location>/index.html</location> </error-page>
index.html can be any custom page. Similarly, you can configure web.xml for error-code 404 by adding one more <error-page> tag. For information about how to edit a file, see Modifying Configurations
in the NetIQ Access Manager 5.0 Administration Guide.