I see. In that case, if you no longer have access to the original
application, you could jar up the contents of the application repository
to re-create the original application and then use that to deploy to a
different domain.

On 8/7/2013 10:42 AM, Zhang,Jun wrote:
>
> Thank you Hong for your quick reply.
>
> The destination node belongs to different domain. How do I benefit
> from create-application-reference in that situation?
>
> Jun
>
> *From:*Hong Zhang [mailto:hong.hz.zhang@oracle.com]
> *Sent:* Wednesday, August 07, 2013 9:34 AM
> *To:* users@glassfish.java.net
> *Subject:* Re: How can I create a .war file from the deployed content
> on the disk?
>
> If the application is already deployed to domain, you can just use
> "asadmin create-application-reference" command to deploy the
> application on an additional target (standalone instance etc).
>
> On 8/7/2013 10:19 AM, Zhang,Jun wrote:
>
> So that I can deploy the .war on another node's standalone
> instance. Is it right and enough to use the content at
> nodes/nodename/instancename?
>
> Thank you!
>
> Jun
>

I was wondering if anyone has and idea what the plan is for JCACHE (JSR-107, JSR-347) support in Glassfish?

It's well documented that JCACHE missed JEE7, but the consensus seems to be that the project will be completed well before JEE8. Some distribution providers (such as Inifinispan) are already claiming support.

I can't seem to find any information on the subject of Glassfish's roadmap, however.

Firstly, where would the support come from? Would a Glassfish sub-project (e.g. Shoal) implement the API, or would it be a case of dropping in the reference implementation jars?

Secondly, has anyone tried it yet? If so, how was it configured?

Any information would be greatly appreciated.

I found a certification spreadsheet for V4 and it only lists Windows 7 and 8 as certified for Glassfish V4. Are those the only Windows platforms that it runs on? What about on W2003 32-bit?

Hello,

when I try to inject a request scoped cdi bean into a singleton startup ejb I get a ContextNotActiveException. I am not sure if this is a bug or if this is not supported. The specification says that request scope is active ...

"during any remote method invocation of any EJB, during any asynchronous method invocation of any EJB, during any call to an EJB timeout method and during message delivery to any EJB message-driven bean, and ... "

Our architecture uses a lot of ApplicationScoped Services that use RequestScoped EntityManager to make sure that the EntityManager is used in a thread safe way. Unfortunately I can not use all our services when my entry point is the singleton startup ejb.

Does anyone have a suggestion or opinion concerning the problem above.

Best regards
André

Is the SIP Servlet 1.1 JAR still available somewhere? With the advent of WebRTC, it's useful to have a simple SIP signaling agent integrated in the Java server.

MobiCents only claims to run on Tomcat and JBoss.

Hi. I installed GlassFish 4 (open source edition) on my computer. After I have imported my own SSL certificates (for my website) and re-generated bundled certificates (i.e. the 2 certificates with alias s1as and glassfish-instance), I found that I cannot login administration console. However, with the same username and password, I can use asadmin (the command-line tool) to manage my GlassFish. I tried to change administrator password with "asadmin change-admin-password" but it didn't solve the issue.

Do you have experience on this issue?

Thanks in advance.

Hello all... I need help with the upgrade of some classes
I'm facing an old Java Project that creates some custom Realms but depends on some Glassfish 2.1.1 libraries. I need to use this project on Glassfish 3.1 so I have to use an upgrade of those classes.
The libraries and classes involved are:

appserv-rt.jar:

com.sun.enterprise.security.LoginException
com.sun.enterprise.security.auth.realm.NoSuchRealmException
com.sun.enterprise.deployment.PrincipalImpl
com.sun.enterprise.iiop.security.GSSUPName
com.sun.enterprise.iiop.security.AnonCredential
com.sun.enterprise.security.AppservAccessController
com.sun.enterprise.security.SecurityContext
com.sun.enterprise.security.auth.login.PasswordCredential
com.sun.enterprise.security.auth.login.X509CertificateCredential
com.sun.enterprise.security.auth.login.ServerLoginCallbackHandler
com.sun.enterprise.security.auth.realm.Realm
com.sun.enterprise.security.auth.realm.certificate.CertificateRealm
com.sun.enterprise.security.audit.AuditManagerFactory
com.sun.enterprise.security.audit.AuditManager
com.sun.enterprise.security.ClientSecurityContext
com.sun.enterprise.appclient.AppContainer
com.sun.enterprise.security.auth.login.LoginCallbackHandler
com.sun.enterprise.server.ApplicationServer
com.sun.web.security.WebProgrammaticLogin
com.sun.enterprise.security.UsernamePasswordStore
com.sun.appserv.security.ProgrammaticLoginPermission
com.sun.enterprise.security.auth.realm.IASRealm
com.sun.enterprise.security.auth.realm.BadRealmException
com.sun.enterprise.security.auth.realm.NoSuchUserException
com.sun.enterprise.security.auth.realm.InvalidOperationException
com.sun.enterprise.deployment.Group
com.sun.web.security.PrincipalGroupFactory
com.sun.enterprise.security.auth.realm.file.FileRealm
com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
com.sun.enterprise.security.auth.realm.ldap.LDAPRealm
com.sun.enterprise.security.auth.realm.solaris.SolarisRealm
com.sun.appserv.security.AppservRealm
com.sun.enterprise.security.auth.realm.User

appserv-deployment-client.jar:

com.sun.enterprise.util.i18n.StringManager
com.sun.logging.LogDomains

Is there any Glassfish 3.1 equivalent classes for them? I found that i.e. com.sun.enterprise.security.LoginException and com.sun.enterprise.security.auth.login.common.LoginException have the same API.. can I use it?
thanks

I cross posted this to the Hibernate Validator forum here [1] but I think there's a good chance this is Glassfish specific. As that post says:

This maybe a WELD-Glassfish issue but I started seeing it when I added seam-validation to my project to support injecting CDI beans into ConstraintValidators. Glassfish 3.1.2 which implements EE6 uses Bean Validation 1.0 (Hibernate Validator 4.3.0 Final) which does not out of the bo support this. So to make the magic happen I added seam-validation 3.0.0 Final with the bundled seam-solder.jar. That all works great, however, on deployment I am seeing the following eception (see below).

Thoughts?

-Noah

Code:
[#|2013-08-09T16:51:03.752-0400|INFO|glassfish3.1.2|org.jboss.weld.ClassLoading|_ThreadID=43;_ThreadName=Thread-2;|WELD-000119 Not generating any bean definitions from org.jboss.logging.JBossLogManagerLogger because of underlying class loading error|#]

[#|2013-08-09T16:51:03.752-0400|INFO|glassfish3.1.2|org.jboss.weld.ClassLoading|_ThreadID=43;_ThreadName=Thread-2;|catching
org.jboss.weld.resources.spi.ResourceLoadingException: Error loading class org.jboss.logging.JBossLogManagerLogger
at org.jboss.weld.resources.ClassTransformer.loadClass(ClassTransformer.java:152)
at org.jboss.weld.bootstrap.BeanDeployer.addClass(BeanDeployer.java:86)
at org.jboss.weld.bootstrap.BeanDeployer.addClasses(BeanDeployer.java:115)
at org.jboss.weld.bootstrap.BeanDeployment.createBeans(BeanDeployment.java:171)
at org.jboss.weld.bootstrap.WeldBootstrap.deployBeans(WeldBootstrap.java:336)
at org.glassfish.weld.WeldDeployer.event(WeldDeployer.java:179)
at org.glassfish.kernel.event.EventsImpl.send(EventsImpl.java:128)
at org.glassfish.internal.data.ApplicationInfo.load(ApplicationInfo.java:277)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:460)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:240)
at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:389)
at com.sun.enterprise.v3.admin.CommandRunnerImpl$1.execute(CommandRunnerImpl.java:348)
at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:363)
at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1085)
at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1200(CommandRunnerImpl.java:95)
at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1291)
at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1259)
at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:461)
at com.sun.enterprise.v3.admin.AdminAdapter.service(AdminAdapter.java:212)
at com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:179)
at com.sun.enterprise.v3.server.HK2Dispatcher.dispath(HK2Dispatcher.java:117)
at com.sun.enterprise.v3.services.impl.ContainerMapper$Hk2DispatcherCallable.call(ContainerMapper.java:354)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:724)
Caused by: java.lang.NoClassDefFoundError: org/jboss/logmanager/Level
at java.lang.Class.getDeclaredFields0(Native Method)
at java.lang.Class.privateGetDeclaredFields(Class.java:2387)
at java.lang.Class.getDeclaredFields(Class.java:1796)
at org.jboss.weld.util.reflection.SecureReflections$4.work(SecureReflections.java:102)
at org.jboss.weld.util.reflection.SecureReflections$4.work(SecureReflections.java:99)
at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:52)
at org.jboss.weld.util.reflection.SecureReflectionAccess.runAndWrap(SecureReflectionAccess.java:63)
at org.jboss.weld.util.reflection.SecureReflections.getDeclaredFields(SecureReflections.java:99)
at org.jboss.weld.introspector.jlr.WeldClassImpl.(WeldClassImpl.java:153)
at org.jboss.weld.introspector.jlr.WeldClassImpl.of(WeldClassImpl.java:118)
at org.jboss.weld.resources.ClassTransformer$TransformTypeToWeldClass.apply(ClassTransformer.java:49)
at org.jboss.weld.resources.ClassTransformer$TransformTypeToWeldClass.apply(ClassTransformer.java:40)
at com.google.common.collect.ComputingConcurrentHashMap.compute(ComputingConcurrentHashMap.java:206)
at com.google.common.collect.ComputingConcurrentHashMap.apply(ComputingConcurrentHashMap.java:100)
at com.google.common.collect.MapMaker$ComputingMapAdapter.get(MapMaker.java:515)
at org.jboss.weld.resources.ClassTransformer.loadClass(ClassTransformer.java:149)
... 36 more
Caused by: java.lang.ClassNotFoundException: org.jboss.logmanager.Level
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1509)
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1359)
... 52 more
|#]

[1] - https://forum.hibernate.org/viewtopic.php?f=9&t=1028048

We recently upgraded galssfish from 2.1 to 3.1.2 and now we are facing this issue where body of the http request data that is being received at the application side is truncated at around 65kb.

Is there any setting which got changed or any nob i need to tune to get this thing up and running.

Hello,

I'm using GlassFish 3.1.2.2 and I'm developing on top of it our custom JACC implementation. I'm testing the implementation with the REST WS which is using mutual X509 certificate authentication. The problem I see is that my Policy.implies method is called twice per WS invocation. Once it's called from RealmAdapter preAuthenticateCheck:

at com.sun.enterprise.security.web.integration.WebSecurityManager.checkPermissionWithoutCache(WebSecurityManager.java:415)
at com.sun.enterprise.security.web.integration.WebSecurityManager.checkPermission(WebSecurityManager.java:349)
at com.sun.enterprise.security.web.integration.WebSecurityManager.hasResourcePermission(WebSecurityManager.java:484)
at com.sun.web.security.RealmAdapter.invokeWebSecurityManager(RealmAdapter.java:848)
at com.sun.web.security.RealmAdapter.preAuthenticateCheck(RealmAdapter.java:1242)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)

and second time it's called by RealmAdapter hasResourcePersmission:

at com.sun.enterprise.security.web.integration.WebSecurityManager.checkPermissionWithoutCache(WebSecurityManager.java:415)
at com.sun.enterprise.security.web.integration.WebSecurityManager.checkPermission(WebSecurityManager.java:349)
at com.sun.enterprise.security.web.integration.WebSecurityManager.hasResourcePermission(WebSecurityManager.java:484)
at com.sun.web.security.RealmAdapter.invokeWebSecurityManager(RealmAdapter.java:848)
at com.sun.web.security.RealmAdapter.hasResourcePermission(RealmAdapter.java:742)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:568)

the first invocation is actually done without providing any invocation principal info down to the Policy implies method so Policy returns false in this case (resource is protected). The second invocation provides all the principal info and the authorization code of the Policy may decide if to grand or refuse access based on it.

My question is: is there any way how to avoid the first call to implies which is not providing any principal info? I see in the code that:

1239 if (helper != null && helper.getServerAuthConfig() != null) {
1240 return Realm.AUTHENTICATE_NEEDED;
1241 }
1242 isGranted = invokeWebSecurityManager(
1243 request, response, constraints);

if I do have helper != null and if it provides this server auth config, then I may run without this "pre-" implies call. My question here is how to configure the server or the service itself in a way that this condition is met and preAuth returns Realm.AUTHENTICATE_NEEDED;

Thanks a lot!
Karel

On 8/13/13 2:03 PM, Oliver B. Fischer wrote:
> Yes, I download it as Maven dependency.
We do this and don't face that particular problem.

The transitive dependencies should be avoided though, it would prevent
any such issue.
See https://java.net/jira/browse/GLASSFISH-20427.

Which maven version are you using ? Can you share a small pom that
reproduces the issue on your end ?

Thanks,
Romain
>
> Am 13.08.13 13:52, schrieb Romain Grecourt:
>> On 8/13/13 1:41 PM, Oliver B. Fischer wrote:
>>> Hi,
>>>
>>> I download the Zip distribution of GlassFish via Maven. Currently the
>>> download fails because of a missing dependency to
>>>
>>> org.glassfish.main.jdbc:templates:distribution-fragment:4.0
>>>
>>> I haven't found it at the main Maven repository =>
>>>
>>> http://bit.ly/13xaeYa
>>>
>>> Might it be possible that someone forgot to upload this artifact?
>> How do you download it ? Via a dependency [1] in a pom, with
>> dependency:get, or some other way ?
>>
>> Thanks,
>> Romain
>>
>> [1]
>>
>> org.glassfish.main.distributions
>> glassfish
>> 4.0
>> zip
>>
>>>
>>> Bye,
>>>
>>> Oliver
>>>
>>

I am upgrading Glassfish 3.01 to 4.0. I did a typical install of Glassfish 4.0. Now want to run asupgrade.bat from the new home but I can not find it? Where do I get this program from?

Hi,

I am currently migrating a webapp which is currently running on a clustered GF-2.1.1 instance to a clustered GF-3.1 environment.
The application configures session-replication using the old-school sun-web.xml (attached) and specifies the distributeable-tag, yet session-replication doesn't seem to work.

As I am not an expert when it comes to application servers, I have troubles finding out who to blame ;)
Should in theory GF-3.1 accept the same configuration as GF-2.1 did?
If so, it would be really great if somebody could give the attached config files a short sight, maybe its something ovious which I overlooked.

Thank you in advance, Clemens

PS: The file-upload feature of the forum seems to be broken, so I uploaded the files to my private server (web.xml has been shortened):
http://93.83.133.214/web.xml
http://93.83.133.214/sun-web.xml

Does anybody know if it is possible to use the new eclipselink 2.5 (for the jpa 2.1-extensions) in a normal glassfish 3.1.2.2. I need this possibility both for a standalone-GF and also for an embedded GF (for the tests).

I would need to use the new jpa 2.1-features (fetch plan/entity graphs) in my production environment.
Switching to GF 4.0 ist no option at the moment.

At the moment i am successfull in changing the eclipselink-jars for the glassfish, but the new features are still not available. That is clear for me, because the PersistenceContext-Annotation returns an EntityManagerWrapper-Object, which ist from glassfish and not from eclipselink. So it is clear, that the new Methods are not known.

Any ides or hints?

Does somebody have done this change and has positive feedback?

Or is it NOT POSSIBILE to make JPA 2.1 available on a Glassfish 3.1.2.2?

thank you in advance, andy

I understand that multimode is not intended to be a scripting solution.

But I also understand that there is a limited amount of property
substitution available in the configuration system, and that multimode is
very convenient for sequencing asadmin commands.

I was wondering if I could for example provide some sort of placeholder for
my data source names that I create programmatically via asadmin. It would
be nice to just be able to say, here's a multimode file; run it to
configure the server. Right now I do it twice: in cmd and sh files.

Best,
Laird

--
http://about.me/lairdnelson

Hi,

In the glassfish-4 release notes the following document is mentioned under hard/software requirements: http://glassfish.java.net/docs/4.0/glassfish40cert-matrix.xls

Please use open formats when publishing information on the net, like PDF or ODT.

Regards

This morning on all of our GlassFish servers, when we try to go to the
admin console on port 4848, we're getting a redirect with the error
message in the subject (screenshot attached). I've already asked our
network guys to check if it's on our side, but I thought I'd ask here as
well: is anybody else seeing this?

--
Glenn Holmer
Weyco Group, Inc.
phone: 414-908-1809
fax: 414-908-1601

I am trying to use the REST interface to the admin features from a remote machine, but within a primitive environment where HTTPS is not going to be an option. I get the expected 403, "Remote access is not allowed" messages. Is there any way I can configure things so that I can do remote access but not use https?

Hi.
I'm running glassfish 4 ( b89 ) and I'm getting this exception when trying to deply my application ( EAR ).

Exception while deploying the app [superapp] : Exception [EclipseLink-7018] (Eclipse Persistence Services - 2.5.0.v20130507-3faac2b): org.eclipse.persistence.exceptions.ValidationException
Exception Description: File error.
Internal Exception: java.io.FileNotFoundException: /home/webdev/bin/glassfish/glassfish/domains/domain1/logs /superapp_dap-product_product-pu_createDDL.jdbc (No such file or directory)]]

I looked up the error code and found

ECLIPSELINK-07018: File error.
Cause: You should never encounter this problem. It happens when test cases are executed.
Action: Contact Oracle Support Services.

I don't know if this error code is the right one because it has a zero in front of it. Any help would be appreciated. Thanks.

Many of you must be aware of the Javadoc HTML frame injection
vulnerability identified as CVE-2013-1571 in the June 2013 Oracle Java
SE Critical Patch Update advisory [1]. This vulnerability could also
be exploited on maven.java.net server when browsing a Javadoc artifact
deployed on it.

To address this vulnerability on maven.java.net server, we have disabled
the archive browsing functionality (source, Javadoc etc.) for maven artifacts
deployed on the server.

We understand from our traffic analysis that a very small percentage of
the java.net users use this feature. If you need to browse artifacts,
you can download them and browse the source/Javadocs using your
favorite IDE (just as you would do from Maven central).

Please be aware, If you do download older Javadoc artifacts (with this vulnerability)
from this Maven repository to host on your web server, you need to re-generate
the API documentation using the latest Javadoc tool and replace the pages with
the re-generated Javadoc output.

- Administrators for maven.java.net

[1]
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847...