From: Shing Wai Chan <shing.wai.chan_at_oracle.com>
Date: Thu, 14 Jun 2012 12:56:10 -0700

On 6/14/12 7:35 AM, Bobby Bissett wrote:
> Hi all,
>
> I have 3 small questions. Ok, maybe the middle one is a medium question.
>
> 1)
> In this line from our server log, what does the "ABC/ABC" context
> mean? Our application is called ABC (hypothetically), but it's
> deployed at / so am curious about the format of the context.
According to my understanding, it is <app name>/<context-root>.
>
> [#|2012-06-14T00:42:32.624-0700|INFO|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=32;_ThreadName=Thread-2;|JACC
> Policy Provider:Failed Permission Check: context ("
> PPCDConsole/PPCDConsole ") , permission ("
> (javax.security.jacc.WebUserDataPermission
> /nice%20ports%2C/Tri%6Eity.txt%2ebak GET) ") |#]
>
> Yes, we're protecting /* with
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>, thus the
> message.
>
> 2)
> The above request is one of hundreds or thousands that are obviously
> intrusion attempts. If I detect these, is there any way at the
> container level to block requests from the IP address (obtained
> through HttpServletRequest#getRemoteAddr), or would I have to do that
> manually at the servlet/filter/etc level? I know that doesn't do much
> for security, but it could cut down on the noise in the logs.
You can try to use RemoteAddrValve.
>
> 3)
> Want me to file a bug for the following? It's in the log right after
> the above entry.
>
> [#|2012-06-14T00:42:32.624-0700|SEVERE|glassfish3.1.2|org.apache.catalina.connector.CoyoteAdapter|_ThreadID=32;_ThreadName=Thread-2;|PWC3989:
> An exception or error occurred in the container during the request
> processing
> java.util.MissingResourceException: Can't find resource for bundle
> java.util.PropertyResourceBundle, key missing_http_header.host
> at java.util.ResourceBundle.getObject(ResourceBundle.java:402)
> at java.util.ResourceBundle.getString(ResourceBundle.java:362)
> at com.sun.web.security.RealmAdapter.getHostAndPort(RealmAdapter.java:973)
> at com.sun.web.security.RealmAdapter.redirect(RealmAdapter.java:1097)
> at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:945)
> at com.sun.web.security.RealmAdapter.hasUserDataPermission(RealmAdapter.java:869)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:511)
> at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
> at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
> at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
> at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
> at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
> at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
> at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
> at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
> at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
> at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
> at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
> at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
> at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
> at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
> at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
> at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
> at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
> at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
> at java.lang.Thread.run(Thread.java:679)
> |#]
File an issue to security.
>
> Thanks,
> Bobby