users@glassfish.java.net

3 small questions about web container

From: Bobby Bissett <bbissett_at_gmail.com>
Date: Thu, 14 Jun 2012 10:35:30 -0400

Hi all,

I have 3 small questions. Ok, maybe the middle one is a medium question.

1)
In this line from our server log, what does the "ABC/ABC" context
mean? Our application is called ABC (hypothetically), but it's
deployed at / so I am curious about the format of the context.

[#|2012-06-14T00:42:32.624-0700|INFO|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=32;_ThreadName=Thread-2;|JACC
Policy Provider:Failed Permission Check: context ("
PPCDConsole/PPCDConsole ") , permission ("
(javax.security.jacc.WebUserDataPermission
/nice%20ports%2C/Tri%6Eity.txt%2ebak GET) ") |#]

Yes, we're protecting /* with
<transport-guarantee>CONFIDENTIAL</transport-guarantee>, thus the
message.

2)
The above request is one of hundreds or thousands that are obviously
intrusion attempts. If I detect these, is there any way at the
container level to block requests from the IP address (obtained
through HttpServletRequest#getRemoteAddr), or would I have to do that
manually at the servlet/filter/etc level? I know that doesn't do much
for security, but it could cut down on the noise in the logs.

3)
Want me to file a bug for the following? It's in the log right after
the above entry.

[#|2012-06-14T00:42:32.624-0700|SEVERE|glassfish3.1.2|org.apache.catalina.connector.CoyoteAdapter|_ThreadID=32;_ThreadName=Thread-2;|PWC3989:
An exception or error occurred in the container during the request
processing
java.util.MissingResourceException: Can't find resource for bundle
java.util.PropertyResourceBundle, key missing_http_header.host
        at java.util.ResourceBundle.getObject(ResourceBundle.java:402)
        at java.util.ResourceBundle.getString(ResourceBundle.java:362)
        at com.sun.web.security.RealmAdapter.getHostAndPort(RealmAdapter.java:973)
        at com.sun.web.security.RealmAdapter.redirect(RealmAdapter.java:1097)
        at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:945)
        at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:869)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:511)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
        at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
        at java.lang.Thread.run(Thread.java:679)
|#]

Thanks,
Bobby
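
For triaging the log noise described in question 2, here is an added example (not part of the original post and not GlassFish code) that parses `[#|...|#]` records like the one quoted above, pulls out each JACC "Failed Permission Check", and decodes the requested path. The sample records are constructed from the entry in the post, and the function names and the "needless escape" heuristic are assumptions of this example.

```python
import re
import string
from urllib.parse import unquote

# Constructed sample in GlassFish's "[#|...|#]" record format, modelled on the
# entry in the post; the ABC context and the /index.html record are made up.
SAMPLE_LOG = """\
[#|2012-06-14T00:42:32.624-0700|INFO|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=32;_ThreadName=Thread-2;|JACC
Policy Provider:Failed Permission Check: context ("
ABC/ABC ") , permission ("
(javax.security.jacc.WebUserDataPermission
/nice%20ports%2C/Tri%6Eity.txt%2ebak GET) ") |#]
[#|2012-06-14T00:42:33.101-0700|INFO|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=33;_ThreadName=Thread-2;|JACC
Policy Provider:Failed Permission Check: context (" ABC/ABC ") , permission ("
(javax.security.jacc.WebUserDataPermission /index.html GET) ") |#]
[#|2012-06-14T00:42:33.500-0700|INFO|glassfish3.1.2|javax.enterprise.system.core|_ThreadID=10;_ThreadName=Thread-2;|Unrelated message|#]
"""

RECORD = re.compile(r"\[#\|(.*?)\|#\]", re.S)  # one record, possibly multi-line
CHECK = re.compile(r'Failed Permission Check: context \(" ?(.*?) ?"\) ?, ?'
                   r'permission \(" ?\((\S+) (\S+) ?([^)]*)\) ?"\)')
UNRESERVED = set(string.ascii_letters + string.digits + "-._~")  # RFC 3986


def needless_escapes(raw_path):
    """Percent-escapes of characters that never need encoding (e.g. %6E = n)."""
    return [e for e in re.findall(r"%[0-9A-Fa-f]{2}", raw_path)
            if chr(int(e[1:], 16)) in UNRESERVED]


def failed_checks(log_text):
    """Return one dict per JACC 'Failed Permission Check' record in log_text."""
    hits = []
    for record in RECORD.findall(log_text):
        fields = record.split("|", 5)  # time, level, product, logger, k=v, message
        if len(fields) < 6:
            continue
        match = CHECK.search(" ".join(fields[5].split()))  # undo line wrapping
        if match:
            context, permission, raw_path, actions = match.groups()
            hits.append({"time": fields[0], "context": context, "actions": actions,
                         "permission": permission, "path": unquote(raw_path),
                         "needless": needless_escapes(raw_path)})
    return hits


if __name__ == "__main__":
    for hit in failed_checks(SAMPLE_LOG):
        print(hit["time"], hit["actions"], repr(hit["path"]), hit["needless"])
```

The record quoted in the post carries no client address, so mapping these hits to source IPs requires a separate source such as the HTTP access log.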