users@glassfish.java.net

Re: GlassFish 3.1.1 security

From: Kumar Jayanti <v.b.kumar.jayanti_at_oracle.com>
Date: Wed, 17 Aug 2011 09:58:44 +0530

It seems to be a regression. We had a bug: http://java.net/jira/browse/GLASSFISH-16209 and it appears the fix for that does not take care of a particular situation which is happening in your setup (that is what is causing the ArrayIndexOutOfBoundsException).

Please file a bug; we will fix it for the 3.1.2 release, and in the meantime we will let you know if there is any workaround that you can do.

On 17-Aug-2011, at 3:20 AM, Glenn Holmer wrote:

> We have an app that we've been running under GlassFish 3.0.1, and we
> want to run it under 3.1.1. We've been running GlassFish fronted by
> Apache, which handles SSL, and everything works OK. For 3.1.1, we used
> these commands in place of the "old way" of putting the Tomcat jars in
> GlassFish's lib/ directory:
>
> asadmin create-http-listener --listenerport 8009 --listeneraddress 0.0.0.0 --defaultvs server jk-listener
> asadmin set server-config.network-config.network-listeners.network-listener.jk-listener.jk-enabled=true
>
> We are not yet using clustering/load balancing, so we are using the
> default "server-config" configuration. Apache correctly forwards most
> pages to GlassFish, except those that are protected.
>
> In web.xml, we have this:
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>phoenix_auth</web-resource-name>
> <description>Phoenix security</description>
> <!-- the pages which will be protected: -->
> <url-pattern>/customers/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> <http-method>HEAD</http-method>
> <http-method>PUT</http-method>
> <http-method>OPTIONS</http-method>
> <http-method>TRACE</http-method>
> <http-method>DELETE</http-method>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
> This all worked fine under 3.0.1 (unless I forgot to write down a step
> re. how we configured it).
>
> But under 3.1.1, when I hit a page under /customers/, I get this:
>
> [#|2011-08-16T16:38:07.075-0500|INFO|glassfish3.1.1|javax.enterprise.system.core.security|_ThreadID=22;_ThreadName=Thread-2;|JACC Policy Provider:Failed Permission Check: context (" phoenix-jee6/phoenix-jee6-war-bo_war ") , permission (" (javax.security.jacc.WebUserDataPermission /customers/checkout.html GET) ") |#]
>
> [#|2011-08-16T16:38:07.076-0500|SEVERE|glassfish3.1.1|org.apache.catalina.connector.CoyoteAdapter|_ThreadID=22;_ThreadName=Thread-2;|PWC3989: An exception or error occurred in the container during the request processing
> java.lang.ArrayIndexOutOfBoundsException: 1
> at com.sun.web.security.RealmAdapter.getHostAndPort(RealmAdapter.java:971)
> at com.sun.web.security.RealmAdapter.redirect(RealmAdapter.java:1090)
> at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:941)
> at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:865)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:511)
>
> What have we done wrong? Is something different in 3.1.1, or did we just
> miss a step?
>
> --
> ____________________________________________________________
> Glenn Holmer gholmer_at_weycogroup.com
> Software Engineer phone: 414-908-1809
> Weyco Group, Inc. fax: 414-908-1601
>
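The log excerpt above shows the sequence the container goes through for a `CONFIDENTIAL` user-data constraint: the JACC `WebUserDataPermission` check fails because the request did not arrive as secure, so the container tries to redirect to the HTTPS equivalent of the URL, and that redirect is where it needs the host and port of the request. Behind a TLS-terminating Apache, the request only counts as secure if the connector carries that fact through (the AJP forward-request packet has an `is_ssl` flag for exactly this); otherwise every protected page bounces to HTTPS. The following Python model, added here as an illustration and not code from GlassFish or from either poster, walks through that decision for the `web.xml` constraint quoted above and parses the `Host` header without assuming a `:port` suffix is present. The constraint data, host names and ports are constructed for the example; the page does not state what the actual GlassFish fault at `getHostAndPort` was, and this model does not claim to reproduce it.

```python
"""Model of servlet user-data-constraint (transport-guarantee) enforcement
behind a TLS-terminating reverse proxy. Added example; not GlassFish code."""
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass
class SecurityConstraint:
    url_patterns: List[str]
    http_methods: Set[str]        # empty set means "all methods"
    transport_guarantee: str      # "NONE", "INTEGRAL" or "CONFIDENTIAL"


# Constructed from the <security-constraint> quoted in the thread.
PHOENIX_CONSTRAINTS = [
    SecurityConstraint(
        url_patterns=["/customers/*"],
        http_methods={"GET", "POST", "HEAD", "PUT", "OPTIONS", "TRACE", "DELETE"},
        transport_guarantee="CONFIDENTIAL",
    )
]


def pattern_matches(pattern: str, path: str) -> bool:
    """Servlet-style matching: exact, path prefix ('/x/*'), extension ('*.ext'),
    or the default '/' pattern."""
    if pattern == path:
        return True
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return pattern == "/"


def split_host_port(host_header: str, default_port: int) -> Tuple[str, int]:
    """Parse an HTTP Host header into (host, port). A bare host name, an
    IPv6 literal in brackets, and a missing port are all handled instead of
    indexing past the end of a ':'-split result."""
    if host_header.startswith("["):                      # IPv6 literal
        end = host_header.find("]")
        if end == -1:
            raise ValueError("malformed IPv6 host literal")
        host, rest = host_header[: end + 1], host_header[end + 1 :]
        if rest == "":
            return host, default_port
        if rest.startswith(":") and rest[1:].isdigit():
            return host, int(rest[1:])
        raise ValueError("malformed port after IPv6 literal")
    host, sep, port = host_header.partition(":")
    if not sep:
        return host, default_port                        # no ':port' present
    if not port.isdigit():
        raise ValueError("malformed port in Host header")
    return host, int(port)


def check_user_data(constraints: List[SecurityConstraint], method: str, path: str,
                    host_header: str, request_secure: bool,
                    https_port: int = 443) -> Tuple[str, Optional[str]]:
    """Return ('allow', None) when the request satisfies every matching
    constraint, or ('redirect', url) when a CONFIDENTIAL/INTEGRAL constraint
    matches and the request was not marked secure by the connector."""
    for c in constraints:
        if c.http_methods and method not in c.http_methods:
            continue
        if not any(pattern_matches(p, path) for p in c.url_patterns):
            continue
        if c.transport_guarantee in ("CONFIDENTIAL", "INTEGRAL") and not request_secure:
            host, _ = split_host_port(host_header, 80)
            port = "" if https_port == 443 else f":{https_port}"
            return "redirect", f"https://{host}{port}{path}"
    return "allow", None


if __name__ == "__main__":
    # Proxy forwarded the request as secure: the JACC-style check passes.
    print(check_user_data(PHOENIX_CONSTRAINTS, "GET", "/customers/checkout.html",
                          "www.example.com", request_secure=True))
    # Same request without the secure flag: the container redirects to HTTPS.
    print(check_user_data(PHOENIX_CONSTRAINTS, "GET", "/customers/checkout.html",
                          "www.example.com", request_secure=False))
```

The useful diagnostic is the second call: if the connector does not mark proxied requests as secure, every page under `/customers/*` produces a redirect rather than content, and the redirect path is the one that has to build a URL from the `Host` header. When checking a setup like the one in the thread, confirm both that the proxy forwards the TLS status and that the redirect target the container computes is the one the proxy actually serves.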