jdbc realm FINE: [Web-Security] hasResource isGranted: false

Hello , I have a problem with JDBCREALM
the authentification pass correctly , but i'get an acces denied
user:M1
role : admin
group g_admin
this is my server.log :

FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = realmtest/realmtest
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission""/admin/j_security_check""POST")
FINE: [Web-Security] hasUserDataPermission isGranted: true
FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
FINE: Logging in user [M1] into realm: myRealm using JAAS module: jdbcRealm
FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
SEVERE: SEC1112: Cannot validate user [M1] for JDBC realm.
FINE: Cannot validate user
java.lang.ArrayIndexOutOfBoundsException: 64
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.isUserValid(JDBCRealm.java:444)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:330)
at com.sun.enterprise.security.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:76)
at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:117)
at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:143)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:268)
at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:911)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:546)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)

FINEST: JDBC login succeeded for: M1 groups:[g_admin ]
FINE: JAAS login complete.
FINE: JAAS authentication committed.
FINE: Password login succeeded for : M1
FINE: Set security context as user: M1
FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = realmtest/realmtest
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission""/admin/adminpage.xhtml""GET")
FINE: [Web-Security] hasUserDataPermission isGranted: true
FINE: [Web-Security] Policy Context ID was: realmtest/realmtest
FINE: [Web-Security] Codesource with Web URL: file:/realmtest/realmtest
FINE: [Web-Security] Checking Web Permission with Principals : null
FINE: [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET")
FINEST: JACC Policy Provider: PolicyWrapper.implies, context (realmtest/realmtest)- result was(false) permission (("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET"))
FINE: [Web-Security] hasResource isGranted: false
FINE: [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET")
FINE: [Web-Security] Policy Context ID was: realmtest/realmtest
FINE: [Web-Security] Generating a protection domain for Permission check.
FINE: [Web-Security] Checking with Principal : M1
FINE: [Web-Security] Checking with Principal : g_admin
FINE: [Web-Security] Codesource with Web URL: file:/realmtest/realmtest
FINE: [Web-Security] Checking Web Permission with Principals : M1, g_admin
FINE: [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET")
FINEST: JACC Policy Provider: PolicyWrapper.implies, context (realmtest/realmtest)- result was(false) permission (("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET"))
FINE: [Web-Security] hasResource isGranted: false
FINE: [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission""/admin/adminpage.xhtml""GET")

thank you for help