I have a client that gets error messages in the following format when his report contains errors. He want to turn the CAF security error messaging off. I looked online and found the following URL that says to go to Cognos Configuration and turn Enable CAF Validate to FALSE. This sounds good, but I have Enable CAF validation = True and I do not get hte CAF messages.
How do you turn the CAF security error messages off?
DPR-ERR-2082 An error has occurred. Please contact your administrator. The complete error has been logged by CAF with SecureErrorID:2014-12-02-16:40:26.478-#9
Disable CAF (Cognos Application Firewall) for more detailed error messages?
http://www-01.ibm.com/support/docview.wss?uid=swg21512998
It would be a bad idea to disable the CAF (Cognos Application Firewall). It helps protect your Cognos environment, from a security standpoint. It does not show error details to the user because that could, in theory, reveal information to someone trying to hack around the CAF.
If the client readily admits it is because his report has errors, he should give the SecureErrorID to his admin who can look up the detailed information in the log files. Perhaps it will reveal a pattern that can be used to avoid the problem in the first place.
The client is writing reports and getting lots of errors.. He does not want to ask his admin to look through the logs to realize that he has some syntax errors. None of my other clients have this feature (what ever it is turned on). How can he get the actual error message returned to him?
As far as I know, the logs is the only way. Someone can correct me if I am wrong.
For what it's worth, I almost never get these errors. Something unusual is going on, perhaps your client is going about something the wrong way. That is why I suggested asking at least one time. This may uncover something your client is doing that can be avoided in the future, thus eliminating the problem altogether.
Try this "How Cognos return the complete message instead of the CAF error..":
https://www-304.ibm.com/support/docview.wss?uid=swg21340537
There is a capability called 'View Detailed Errors', I usually make sure that all Authors have this capability. If the admin does not want to grant access to him, then he should be able to click the 'Validate' button and see the detailed error messages without having to contact the Admin.