JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.0.1 Release Notes

Document Information

1.  Oracle GlassFish Server 3.0.1 Release Notes

Revision History

What's New in the Oracle GlassFish Server 3.0.1 Release?

Support for Java EE Profiles

Modular Design

Support for Extending GlassFish Server

Update Tool Integration

Support for Scripting Languages

Web Services Interoperability Technologies (WSIT) Support

Enhancements to the appclient Utility

EclipseLink Integration

Move of HTTP Service Settings to Network Service

Changes Related to Administrator Authentication

Changes Related to the asadmin Utility

Changes Related to File Layout

Changes Related to Ant Tasks and the asant Utility

Changes Related to domain.xml Validation

Changes Related to Applications

force Option

Applications and Generated Directory Layout

domain.xml application Element

Stricter JAR Visibility Rules

Application Client deploy --retrieve and get-client-stubs Commands

Hardware and Software Requirements

Supported Platforms

System Virtualization Support

Required Disk Space

Required Free Ports

Important Patch Information

Required JDK Version

Path Settings for the JDK Software

Supported JDBC Drivers and Databases

Supported Browsers

mod_jk Support

Known Issues

Expired Root CA for CN=GTE CyberTrust Root 5, OU=GTE CyberTrust Solutions, Inc. (17405426)

Description

Solution

To Delete the GTE CyberTrust Root 5 Certificate From the Truststore

[OWSM] Interop Metro-WLS:NPE WSSECURTIYTOKEN NULL for WSSE:SECURITYTOKENREFERENCE (Issue 9716247)

Description

Workaround

[JDK_Issue] SSLHandshakeException when using JDK1.6.0_20 (Issue 12041)

Description

Workaround

[JDK_Issue] Performance degradation caused by invoking setSoLinger or setReuseAddress (Issue 7109)

Description

Workaround

[JDK_Issue] IO exception: invalid argument during longevity test (Issue 7529)

Description

Workaround

[JDK_Issue] Richaccess: java.io.IOException: Invalid argument from doSelect (Issue 8573)

Description

Workaround

GlassFish Server 3.0.1 on HP-UX when using jdk 1.6.0.07 (Issue 12206)

Description

Workaround

GF b22 failed to startup with JRockit jrmc-4.0.0-1.6.0 (Issue 12265)

Description

Workaround

File permissions on domain /applications directory can cause NullProcessException (Issue 6545)

Description

Workaround

Windows installation log file is not readable (Issue 4881)

Description

Workaround

Uninstallation fails on Windows 7 because of missing JDK error (Issue 12093)

Description

Workaround

Access to statistics for new virtual servers requires server restart (Issues 6238 and 6422)

Description

Workaround

[Open Installer] Option -l to relocate log files ignored on Windows (Issue 10693)

Description

Workaround

Issues occur with ZIP distribution if UAC enabled on Windows Vista (Issue 10755)

Description

Workaround

Null pointer exception thrown from com.sun.xml.wss.NonceManager.getInstance (Issue 11138)

Description

Workaround

[Open Installer] Start menus not displayed and then empty on Windows Vista and Windows 2008 (Issue 5087)

Description

Workaround

When specj application is deployed, asadmin get --monitor=true "server.*" results in I/O error (Issue 11163)

Description

Workaround

Standalone Update Tool fails with segmentation fault on Solaris (Issue 11222)

Description

Workaround

Ruby applications deployed on context root don't work with Admin Console (Issue 10854)

Description

Workaround

Java EE 6 Managed Bean support not available in app clients launched using Java Web Start (Issue 11257)

Description

Workaround

Warning messages when invoking appclient script on Mac OS X with Apple Java implementation (Issue 8644)

Description

Workaround

Launching an app client can give ClassNotFound error for the client's main class (Issue 11181)

Description

Workaround

Change to log file location requires server restart to take effect (Issue 11142)

Description

Workaround

Unable to open installation log files using links on the Summary screen on Linux and Mac OS (Issue 6621)

Description

Workaround

updatetool command does not work if you reinstall into the same install directory on Windows (Issue 8233)

Description

Workaround

[Update Center] Non-user directory access fails (Update Center Issue 1583)

Description

Workaround.

Inline help and CLI man page list incorrect servlet version 2.4 in X-Powered-By (Issue 11011)

Description

Workaround

[Embedded] Deployment of application containing activation-1.1.jar fails when using uber-jar (Issue 11149)

Description

Workaround

create-service fails to create service without AS_ADMIN_USER in passwordfile on Solaris (Issue 11119)

Description

Workaround

[Monitoring] Extra monitoring view for connector-connection-pools not available (Issue 11256)

Description

Workaround

[EclipseLink] Issues with ElementCollections of embeddables (EclipseLink Issue 296606)

Description

Workaround

Virtual server started twice (Issue 11195)

Description

Workaround

Problems debugging JPA (Issue 11274)

Description

Workaround

EJB interop for remote EJBs broken when target EJB is on the same host (Issue 11152)

Description

Workaround

Cannot send JMS messages between systems (Issue 11254)

Description

Workaround

Windows system menu is empty (Issue 11239)

Description

Workaround

Embedded ACC overly strict on current thread context class loader (Issue 11427)

Description

Workaround

EJB Timer Service config issue for MySQL (Issue 11428)

Description

Workaround

deploy subcommand fails against secure server (Issue 11439)

Description

Workaround

Expired certificate in GlassFish Server truststore (Issue 6852796)

Description

Workaround

GlassFish V3 should allow multiple applications with the same context root (7002834)

Description

Solution

Install Directory of application server not known. Specify either the installDir attribute or the asinstall.dir property (14837)

Description

Solution

Disabling Trace Request on GlassFish 3.0.1 (12650799)

Description

Solution

Restrictions

Unsupported Options in asadmin Commands

No Support for Client VM on Windows AMD64

GlassFish Server Documentation Set

Features Available Only in the Full Platform Profile

Java EE 6 Standards

Java EE 6 SDK

How to Report Problems and Provide Feedback

Additional Resources

Third-Party Web Site References

Accessibility Features

Known Issues

This section describes known issues in Oracle GlassFish Server 3.0.1 and any available workarounds.

Expired Root CA for CN=GTE CyberTrust Root 5, OU=GTE CyberTrust Solutions, Inc. (17405426)

Description

During startup of a GlassFish Server instance, an expired certificate is reported in the instance's server.log log file as follows:

The "GTE CyberTrust Root 5" certificate expired on August 15th 2013 

The log file shows the validity of the certificate as follows:

Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
...
 Validity: [From: Fri Aug 14 15:50:00 BST 1998,
  To: Thu Aug 15 00:59:00 BST 2013]

Solution

The solution depends on whether the instance is configured to use a server SSL certificate that uses this certificate as part of its trust path.

To Delete the GTE CyberTrust Root 5 Certificate From the Truststore

  1. Back up the existing certificate database file in the domain's configuration directory.
    1. Change to the domain's config directory.
      prompt% cd domain-dir/config
    2. Copy the certificate database file cacerts.jks.
  2. Delete the gtecybertrust5ca certificate from the certificate database.
    prompt% keytool -delete -alias gtecybertrust5ca -keystore cacerts.jks

    When prompted, provide the master password of the domain.

  3. If additional domains are to be created from the existing GlassFish Server installation, delete the expired certificate from the template keystores.

    Deleting the expired certificate prevents the certificate from being propagated to new domains.

    1. Back up the existing template keystores.
      1. Change to the templates directory of your GlassFish Server installation.
        prompt% cd as-install/lib/install/templates
      2. Copy the cacerts.jks file.
    2. Delete the gtecybertrust5ca certificate from the template keystore.
      prompt% keytool -delete -alias gtecybertrust5ca -keystore cacerts.jks

      When prompted, provide the master password of the domain.

  4. Restart the domain and any GlassFish Server instances or clusters.

[OWSM] Interop Metro-WLS:NPE WSSECURTIYTOKEN NULL for WSSE:SECURITYTOKENREFERENCE (Issue 9716247)

Description

There is an issue with web services communication between GlassFish Server Metro and Oracle WebLogic Server when using the Oracle Web Services Manager (OWSM) wss11_saml_token_with_message_protection_service_policy policy.

Workaround

The fix for this problem is in Oracle WebLogic Server 11.1.1.4.0. See the Oracle WebLogic product page for more information.

[JDK_Issue] SSLHandshakeException when using JDK1.6.0_20 (Issue 12041)

Description

SSL renegotiation fails against JDK 1.6.0_20, but works with JDK1.6.0_18. An exception similar to the following is written to the system.log file:

[#|2010-05-25T13:57:34.512-0700|WARNING|glassfish3.0.1|com.sun.grizzly. \
config.GrizzlyServiceListener|_ThreadID=24;_ThreadName=Thread-1; \
|processorTask.exceptionSSLcert javax.net.ssl.SSLHandshakeException: \
renegotiation is not allowed

This is a known issue caused by the disabling of SSL renegotiation in JDK 6u19 and above. Previously, GlassFish Server was able to perform SSL renegotiation for client certificates through the default HTTPS port (8181). However, a security vulnerability with SSL renegotiation surfaced, and SSL renegotiation was disabled in JDK 6u19.

The security vulnerability was in the TLS protocol (TLS 1.0 or later and SSLv3), and it was discovered that this vulnerability may allow an unauthenticated, remote attacker to conduct man-in-the-middle (MITM) type of attacks, where plain text may be injected as a prefix in a user's TLS session. More details about this vulnerability are available at http://extendedsubset.com/?p=8.

An interim fix was made in JDK 6u19 that disables TLS/SSL renegotiation in the Java Secure Sockets Extension (JSSE) by default. This stops the MITM attack, but applications that require the TLS/SSL renegotiation will not work. The remaining and real fix for this will be done in JDK 6u22. For more information about this, see http://blogs.oracle.com/sunsecurity/.

Workaround

JDK 6u19 provides a new system property, called sun.security.ssl.allowUnsafeRenegotiation, that enables TLS/SSL renegotiation. For more information, see http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html. Setting this property to true in GlassFish Server GlassFish enables the renegotiation. However, it also makes GlassFish Server once again vulnerable to MITM attack.

[JDK_Issue] Performance degradation caused by invoking setSoLinger or setReuseAddress (Issue 7109)

Description

When the setSoLinger method or the setReuseAddess method is invoked, performance is degraded and the following exception is thrown:

[#|2009-01-26T00:33:56.325-0800|WARNING|sun-appserver9.1|
javax.enterprise.system.container.web|_ThreadID=17;
_ThreadName=SelectorReaderThread-8084;
_RequestID=11ae0030-c392-4217-8408-cfa7efe0a879;|setSoLinger
exception
java.net.SocketException: Invalid argument

This issue is caused by an issue with the JDK software. This issue is resolved in JDK version 7.

For more information, see Issue report 7109.

Workaround

None.

[JDK_Issue] IO exception: invalid argument during longevity test (Issue 7529)

Description

During an HTTP longevity test, the following exception is thrown 42 hours into the run:

[#|2009-04-05T17:41:26.537-0700|SEVERE|glassfish|javax.enterprise.system.core|
_ThreadID=15;_ThreadName=Thread-1;|doSelect
exception
java.io.IOException: Invalid argument

The instance and application are still accessible during the run.

This issue is caused by an issue with the JDK software. This issue is resolved in JDK version 7.

For more information, see Issue report 7529.

Workaround

None.

[JDK_Issue] Richaccess: java.io.IOException: Invalid argument from doSelect (Issue 8573)

Description

The following exception is seen:

[#|2009-06-20T06:05:57.942-0700|SEVERE|glassfish|
com.sun.grizzly.config.GrizzlyServiceListener|
_ThreadID=21;_ThreadName=Thread-2;|doSelect
IOException
java.io.IOException: Invalid argument

This is a JDK issue, scheduled to be fixed in JDK 1.6.0_18.

For more information, see Issue report 8573.

Workaround

Increase the maximum number of file descriptors to 10000 or greater (the default on Solaris is 64000). Once JDK 1.6.0_18 becomes available, install it.

GlassFish Server 3.0.1 on HP-UX when using jdk 1.6.0.07 (Issue 12206)

Description

Additional configuration information is required when running GlassFish Server 3.0.1 on HP-UX using 64–bit JDK 1.6.0.07. Specifically, the -client option must be replaced with -d64 in the <jvm-options/> section in the domain.xml file.

Workaround

You can add the -d64 JVM option directly to the domain.xml file. Alternatively, you can use the as-install/bin/asadmin command to add and remove JVM options. In both cases, after making the changes, the GlassFish Server domain must be restarted.

To Change JVM Options Using the asadmin Command

  1. Start the GlassFish Server domain.
    as-install/bin/asadmin start-domain
  2. Delete the -client JVM option.
    as-install/bin/asadmin delete-jvm-options "-client"
  3. Create the -d64 JVM option.
    as-install/bin/asadmin create-jvm-options "-d64"
  4. Stop and restart the GlassFish Server domain.
    as-install/bin/asadmin stop-domain
    as-install/bin/asadmin start-domain

GF b22 failed to startup with JRockit jrmc-4.0.0-1.6.0 (Issue 12265)

Description

GlassFish Server fails to start with JRockit Mission Critical Console 4.0.0-1.6.0 (JDK 1.6.0_17). Errors similar to the following are displayed at domain startup:

./asadmin start-domain
Waiting for DAS to start .Error starting domain: domain1.
The server exited prematurely with exit code 1.
Before it died, it produced the following output:

[WARN ][jrockit] MaxPermSize=192m ignored: Not a valid option for JRockit
[WARN ][jrockit] NewRatio=2 ignored: Not a valid option for JRockit
Unknown option or illegal argument: -XX:+LogVMOutput.
Please check for incorrect spelling or review documentation of startup options.

Could not create the Java virtual machine.

Command start-domain failed.

Workaround

Comment out the following two jvm-options in the domain.xml file for the domain:

For example:

<!-- <jvm-options>-XX:+LogVMOutput</jvm-options> -->
<!-- <jvm-options>-XX:LogFile=${com.sun.aas.instanceRoot}/logs/jvm.log</jvm-options> -->

File permissions on domain /applications directory can cause NullProcessException (Issue 6545)

Description

If a domain's /applications directory restricts access, or if you use directory deployment from a restricted directory, the server cannot read the files in the expanded directory. A NullProcessException error occurs during deployment.

For more information, see Issue report 6545.

Workaround

Change the file access settings for such directories to grant the server permission to read the directory contents.

Windows installation log file is not readable (Issue 4881)

Description

The time-stamp-install.log file cannot be read, because all lines written to the file are concatenated into a single long string.

For more information, see Issue report 4881.

Workaround

Use a different editor, and manually open the installation log file created under the %TEMP% directory.

Uninstallation fails on Windows 7 because of missing JDK error (Issue 12093)

Description

Uninstallation of GlassFish Server may fail on Windows 7 systems because Windows cannot find the required JDK installation. The problem may occur when the Java binaries are not installed through a standard Java SDK installer.

Workaround

Explicitly specify the location of the Java binaries when running the GlassFish Server uninstall utility from the command line. For example:

uninstall.exe -j "C:\Program Files\Java\jre6"

Access to statistics for new virtual servers requires server restart (Issues 6238 and 6422)

Description

Monitoring statistics about newly added virtual servers are available only after the server is restarted.

For more information, see the reports for Issue 6238 and Issue 6422.

Workaround

After adding a virtual server, restart the server to view monitoring data for the virtual server.

[Open Installer] Option -l to relocate log files ignored on Windows (Issue 10693)

Description

Option -l to relocate log files is ignored when used with options -a and -s and the log files are created in the default location.

For more information, see Issue report 10693.

Workaround

None.

Issues occur with ZIP distribution if UAC enabled on Windows Vista (Issue 10755)

Description

Some features will not work well on Windows Vista with User Account Control (UAC) enabled. One example is the Administration Console, which cannot be launched.

For more information, see Issue report 10755.

Workaround

Disable UAC and reboot.

Null pointer exception thrown from com.sun.xml.wss.NonceManager.getInstance (Issue 11138)

Description

Testing a JAX-RPC web service, with GlassFish message security provider enabled, throws the following exception in the server logs:

[#|2009-11-23T11:16:58.375+0005|SEVERE|glassfishv3.0|
javax.enterprise.resource.webservices.rpc.server.http|_ThreadID=25;_
ThreadName=http-thread-pool-8080-(2);|caught
throwable
java.lang.RuntimeException: com.sun.enterprise.security.jauth.AuthException

The default value of the nonce property does not work.

For more information, see Issue report 11138.

Workaround

To use message security with JAX-RPC web services, disable the nonce property in the configuration. See the Issue report for the complete steps for the workaround.

[Open Installer] Start menus not displayed and then empty on Windows Vista and Windows 2008 (Issue 5087)

Description

The Start menu group for GlassFish Server is not displayed after installation is first completed. If you log out and then log back in, the menu group is displayed but it is empty.

For more information, see Issue report 5087.

Workaround

None.

When specj application is deployed, asadmin get --monitor=true "server.*" results in I/O error (Issue 11163)

Description

The command asadmin get -m "server.*" returns all monitoring data pertaining to that server. When many applications are deployed, the amount of data is quite large and could take a long time to return. The client might time out with the following client-side error:

./asadmin get --monitor=true "server.*"
I/O Error: Read timed out
Command get failed.

For more information, see Issue report 11163.

Workaround

Minimize the amount of data that is returned to the client.

  1. Run the asadmin list -m "server.*" command, which returns the top-level elements.

  2. Select the top-level element for which details are needed, and use this as a filter. For example:

    > ./asadmin list -m "server.*"
    ...
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-cache
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.
    create-int-int-[Lorg\.spec\.jappserver\.supplier\.helper\.ComponentOrder
    
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.
    findByPrimaryKey-java\.lang\.Integer
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.generateXml
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.getEJBLocalHome
    ...
    
    >./asadmin get -m
    "server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.*"
    ...
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.remove.
    methodstatistic-name
    = MethodStatistic
    server.applications.SPECjAppServer.supplier\.jar.POEnt.bean-methods.remove.
    methodstatistic-starttime
    = 1259604209775
    ...

Standalone Update Tool fails with segmentation fault on Solaris (Issue 11222)

Description

The standalone Update Tool started with the updatetool command fails with a segmentation fault on Solaris when installing add-on components.

For more information, see Issue report 11222.

Workaround

Ensure that your system conforms to the standalone Update Tool patch requirements as defined in the Update Center Release Notes.

Update Tool functionality in the Administration Console uses a different Java-based Update Center API and is not affected by this issue.

Ruby applications deployed on context root don't work with Admin Console (Issue 10854)

Description

If a Ruby application is deployed at contextroot '/' and the Administration Console is then accessed, accessing the Ruby application produces a 404 error.

For more information, see Issue report 10854.

Workaround

None.

Java EE 6 Managed Bean support not available in app clients launched using Java Web Start (Issue 11257)

Description

When using Java Web Start to launch an application client, any managed beans in the application client will not be recognized.

For more information, see Issue report 11257.

Workaround

Launch the application client using the appclient script. Managed beans in the application client will be supported normally.

Warning messages when invoking appclient script on Mac OS X with Apple Java implementation (Issue 8644)

Description

When you invoke the appclient script on Mac OS X systems with Java from Apple installed, the following stack trace is seen twice (only the first few lines are shown here):

Intentionally suppressing recursive invocation exception!
java.lang.IllegalStateException: recursive invocation
    at java.lang.ClassLoader.initSystemClassLoader(ClassLoader.java:1394)
    at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:1377)
    at sun.security.jca.ProviderConfig$1.run(ProviderConfig.java:64)
...

For more information, see Issue report 8644.

Workaround

None needed.

Despite the warning messages, the client will be launched successfully and run normally. These errors are from an issue in the Apple Java implementation.

Launching an app client can give ClassNotFound error for the client's main class (Issue 11181)

Description

A problem occurs when all of the following are true:

Attempts to launch the application client fail with the following error because one file generated on the server is placed in the wrong server directory and overwrites another generated file:

java.lang.ClassNotFoundException:(main-class-for-the-client)

For more information, see Issue report 11181.

Workaround

Change the name of the application client so it is not myAppClient.jar; specifically:

  1. Edit myApp/META-INF/application.xml so that the declaration of the client is <java>myClient.jar</java>. Note that you can use any name other than myAppClient.jar.

  2. Rename the directory myApp/myAppClient_jar to myApp/myClient_jar. Note that the client's subdirectory name must be the same as the application client URI in the application.xml file, with the .jar replaced with _jar.

  3. Deploy the application:

    asadmin deploy --retrieve localdir myApp
  4. Run the application client:

    appclient -client localdir/myAppClient.jar

Change to log file location requires server restart to take effect (Issue 11142)

Description

Changes to server log values on the General tab of the Logger Settings page in the Administration Console do not immediately take effect.

For more information, see Issue report 11142.

Workaround

Restart the server. All changes to the values on this page require a server restart to take effect.

Unable to open installation log files using links on the Summary screen on Linux and Mac OS (Issue 6621)

Description

Installation log files cannot be opened by clicking the links on the Summary page that displays at the end of the installation process in the graphical installer.

For more information, see Issue report 6621.

Workaround

Access the files manually. The names of the installation log and summary files are timestamp-install.log and timestamp-install-summary.html. On Linux and Mac systems these files are generated under the $TMP directory.

updatetool command does not work if you reinstall into the same install directory on Windows (Issue 8233)

Description

If you reinstall GlassFish Server (with Update Tool) in the same installation directory with the same defaults and invoke Update Tool using the updatetool command, you receive a message saying that Update Tool is not installed and are asked if you want to install it. This occurs on Windows systems only.

For more information, see Issue report 8233.

Workaround

Following uninstallation, manually remove the remaining .org* directory before reinstalling.

[Update Center] Non-user directory access fails (Update Center Issue 1583)

Description

This issue occurs intermittently on Windows and Mac OS systems. pkg(5) does not work on certain systems at certain times.

For more information, see Update Center Issue 1583.

Workaround.

None.

Inline help and CLI man page list incorrect servlet version 2.4 in X-Powered-By (Issue 11011)

Description

The inline help and CLI man page list servlet 2.4 in the X-Powered-By field. The correct version is servlet 3.0.

For more information, see Issue report 11011.

Workaround

None.

[Embedded] Deployment of application containing activation-1.1.jar fails when using uber-jar (Issue 11149)

Description

When using embedded with glassfish-embedded-all-3.0-b73.jar, deployment fails with the following error:

SEVERE: WEB9051: Error trying to scan the classes at
/private/var/folders/CV/CVhj8DvqEwGK5bdJKK9TaE   TI/-Tmp-
/gfembed6991712842235699248tmp/applications/xwiki-enterprise-web-2.0/
WEB-INF/lib/activation-1.1.jar for annotations in which a 
ServletContainerInitializer has expressed interest
java.util.zip.ZipException: error in opening zip file

The issue occurs because embedded uses a folder with plus signs (+), and plus signs in a path are converted into space characters " " when the path is decoded.

For more information, see Issue report 11149.

Workaround

A system property has been added that enables you to place temporary directories. The property is glassfish.embedded.tmpdir and can be set so the temporary domain directory is not placed in the user directory.

create-service fails to create service without AS_ADMIN_USER in passwordfile on Solaris (Issue 11119)

Description

create-service fails to create service without AS_ADMIN_USER in passwordfile on Solaris.

For more information, see Issue report 11119.

Workaround

None.

[Monitoring] Extra monitoring view for connector-connection-pools not available (Issue 11256)

Description

GlassFish Server uses a tree structure to track monitorable objects. Within that tree, the following view is not available to obtain connection pool statistics:

server.connector-service.resource-adapter-name.connection-pool-name.* or server.jms-service.connection-factories.connection-factory-name.* (for jms-ra-related pools).

For more information, see Issue report 11256.

Workaround

Use the server.resources.* view to obtain the statistics.

For more information about Monitoring, see Chapter 8, Administering the Monitoring Service, in Oracle GlassFish Server 3.0.1 Administration Guide.

[EclipseLink] Issues with ElementCollections of embeddables (EclipseLink Issue 296606)

Description

With weaving enabled, updates on an element collection of embeddables can potentially throw a null pointer exception.

For more information, see EclipseLink Issue report 296606.

Workaround

Two workarounds are available:

  1. Add the annotation @ChangeTracking(DEFFERED) on the embeddable and set the property eclipselink.weaving.internal to false.

    or

  2. Set the following properties to false in persistence XML: eclipselink.weaving.changetracking and eclipselink.weaving.internal.

Virtual server started twice (Issue 11195)

Description

After starting the domain and accessing localhost:4848, the following messages are seen in the server log:

[#|2009-11-27T16:21:57.091+1100|INFO|glassfishv3.0|
javax.enterprise.system.container.web.com.sun.enterprise.web|
_ThreadID=20;_ThreadName=Thread-1;|Created
virtual server server|#]
[#|2009-11-27T16:21:57.091+1100|INFO|glassfishv3.0|
javax.enterprise.system.container.web.com.sun.enterprise.web|
_ThreadID=20;_ThreadName=Thread-20;|Created
virtual server server|#]

These messages give the impression that the virtual server, server, was started twice. This is not the case. Virtual servers are only started once, but messages are logged multiple times.

For more information, see Issue report 11195.

Workaround

None.

Problems debugging JPA (Issue 11274)

Description

Debugging JPA is difficult because of limited messages from the server.

For more information, see Issue report 11274.

Workaround

Add the property org.eclipse.persistence.session.level=INFO to the logging.properties file. You can then use the Administration Console to control EclipseLink loggers.

EJB interop for remote EJBs broken when target EJB is on the same host (Issue 11152)

Description

EJB interoperability for remote EJBs is broken when the target EJB is on the same host (another GlassFish Server domain or another GlassFish Server 3.0.1 instance).

For more information, see Issue report 11152.

Workaround

Set the following property in jvm-options:

-Dorg.glassfish.orb.iiop.orbserverid=:

Cannot send JMS messages between systems (Issue 11254)

Description

By default, the default host name for the JMS service on GlassFish Server is localhost. To access the JMS service from another system, however, you must change the host name. You can change it to either the actual host name or to 0.0.0.0.

For more information, see Issue report 11254.

Workaround

To make the change, do one of the following:

  1. Use the Administration Console: Expand the Configuration, Java Message Service, and JMS Hosts nodes, select default_JMS_host, and edit the Host field.

    or

  2. Use an asadmin subcommand such as the following:

    • asadmin set server-config.jms-service.jms-host.default_JMS_host.host="0.0.0.0"

    • asadmin set server-config.jms-service.jms-host.default_JMS_host.host="hostname"

Windows system menu is empty (Issue 11239)

Description

When GlassFish Server is installed using the graphical installer, the installation completes successfully but only the top-level GlassFish Server v3 entry is added in the Windows system menu, and it is empty. This issue occurs with both the localized and English installers.

For more information, see Issue report 11239.

Workaround

None.

Embedded ACC overly strict on current thread context class loader (Issue 11427)

Description

The ACC expects the current thread's context class loader to be an ACCClassLoader. This is overly restrictive. Although this condition is met for appclient script and Java Web Start launches, it might not be met for the embedded case. Other functions inside the ACC require the class loader to be a URLClassLoader (or an instance of a subclass of URLClassLoader), but the loader does not need to be an ACCClassLoader.

For more information, see Issue report 11427.

Workaround

Two workarounds are available:

  1. Set -Djava.system.class.loader=org.glassfish.appclient.client.acc.ACCClassLoader.

    or

  2. In your Java program, instantiate an ACCClassLoader and set it to be the current thread's context class loader using Thread.currentThread().setContextClassLoader before using the embedded ACC classes and interfaces.

EJB Timer Service config issue for MySQL (Issue 11428)

Description

Able to create and store EJB timer in MySQL as user, but when trying to configure EJB Timer Service for MySQL, get the following exception (SQLException executing statement):

"CREATE TABLE EJB__TIMER__TBL (TIMERID
VARCHAR(255) NOT NULL, BLOB BLOB(64000), INITIALEXPIRATIONRAW BIGINT, SCHEDULE
VARCHAR(255), INTERVALDURATION BIGINT, OWNERID VARCHAR(255), STATE INTEGER,
LASTEXPIRATIONRAW BIGINT, PKHASHCODE INTEGER, CREATIONTIMERAW BIGINT,
CONTAINERID BIGINT, PRIMARY KEY (TIMERID))":
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in
your SQL syntax; check the manual that corresponds to your MySQL server version
for the right syntax to use near 'BLOB BLOB(64000), INITIALEXPIRATIONRAW BIGINT,
SCHEDULE VARCHAR(255), INTERVALDU' at line 1|#]

For more information, see Issue report 11428.

Workaround

Make sure that the datasource-classname specified for the timer pool represents an XA DataSource.

MySQL-specific steps:

  1. Unpack glassfishv3/glassfish/lib/install/applications/ejb-timer-service-app.war.

  2. Add the following to WEB-INF/classes/__ejb_timer_mappings.xml after <persistence-unit-metadata>:

    <persistence-unit-defaults>
    <delimited-identifiers/>
    </persistence-unit-defaults>
  3. Repackage the WEB-INF/classes/__ejb_timer_mappings.xml file.

  4. (This step required only if the current installation has already used the EJB Timer Service.) Manually create the EJB__TIMER__TBL in the database using this create statement:

    CREATE TABLE `EJB__TIMER__TBL` (`TIMERID` VARCHAR(255) NOT NULL,
    `BLOB` BLOB(64000), `INITIALEXPIRATIONRAW` BIGINT, `SCHEDULE` VARCHAR(255),
    `INTERVALDURATION` BIGINT, `OWNERID` VARCHAR(255), `STATE` INTEGER,
    `LASTEXPIRATIONRAW` BIGINT, `PKHASHCODE` INTEGER, `CREATIONTIMERAW` BIGINT,
    `CONTAINERID` BIGINT, PRIMARY KEY (`TIMERID`))

deploy subcommand fails against secure server (Issue 11439)

Description

The deploy subcommand fails against a secure server unless the --secure option is used.

For more information, see Issue report 11439.

Workaround

Use the --secure option when issuing the deploy subcommand against a secure server.

Expired certificate in GlassFish Server truststore (Issue 6852796)

Description

One of the authority certificates in the GlassFish Server truststore expired on January 7, 2010. The certificate is cacerts.jks. An error message is generated on startup indicating that the certificate has expired:

Version: V1
  Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  SunPKCS11-Solaris RSA public key, 1000 bits (id 17891456, session object)
  modulus:
  public exponent:
  Validity: [From: Tue Nov 08 19:00:00 GMT-05:00 1994,
               To: Thu Jan 07 18:59:59 GMT-05:00 2010]
  Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  SerialNumber: [    02ad667e 4e45fe5e 576f3c98 195eddc0]

For more information, see Issue report 6852796.

Workaround

The expired authority certificate was removed in update 18 of Java SE 6. It will also be removed from the GlassFish Server truststore in a future update.

You can ignore the error messages and use the update, or you can eliminate the error messages. To stop receiving the error messages, use keytool to remove the certificate from the GlassFish Server truststore:

=> cd domains/domainX/config
=> cp cacerts.jks cacerts.jks.save
=> keytool -delete -keystore cacerts.jks -alias verisignserverca
Enter keystore password:

To prevent the expired certificate from reappearing in subsequently created domains, the certificate should also be removed from the template truststore:

=> cd glassfish/lib/templates
=> cp cacerts.jks cacerts.jks.save
=> keytool -delete -keystore cacerts.jks -alias verisignserverca
Enter keystore password:

For more information about the keystore password, see the information about master passwords and keystores in Authentication in Oracle GlassFish Server 3.0.1 Administration Guide.

GlassFish V3 should allow multiple applications with the same context root (7002834)

Description

The Domain Administration Server (DAS) in versions of GlassFish Server prior to version 2.1.1 did not allow multiple applications to be deployed using the same web context root, even if those applications were targeted for different GlassFish Server instances.

This behavior was changed in GlassFish Server 2.1.1 and has been carried forward to version 3.0.1. The GlassFish Server DAS now supports the deployment of applications using the same context root as long as those applications are deployed to different GlassFish Server instances. However, this new DAS support is not sufficiently documented.

Solution

Web Module Deployment Guidelines in Oracle GlassFish Server 3.0.1 Application Deployment Guide states:

Context Root. When you deploy a web module, if you do not specify a context root, the default is the name of the WAR file without the .war extension. The web module context root must be unique within the server.

Similarly, endpoint-address-uri in Oracle GlassFish Server 3.0.1 Application Deployment Guide states:

For servlet endpoints, this value is relative to the web application context root. For EJB endpoints, the URI is relative to root of the web server (the first portion of the URI is a context root). The context root portion must not conflict with the context root of any web application deployed to the same web server.

While both statements are technically accurate, it is useful to add the following further clarification:

The DAS in GlassFish Server versions 2.1.1, 3.0.1, and later support the deployment of multiple web applications using the same web context root as long as those applications are deployed to different GlassFish Server instances. Deploying multiple applications using the same context root within a single GlassFish Server instance will produce a DAS error.

Install Directory of application server not known. Specify either the installDir attribute or the asinstall.dir property (14837)

Description

The reference information and examples in The sun-appserv-deploy Task in Oracle GlassFish Server 3.0.1 Application Development Guide refer to an asinstalldir attribute, which is incorrect. In addition, the error message string returned by the sun-appserv-deploy Ant task incorrectly states, “Sepcify either the installDir attribute or the asinstall.dir property.”

Solution

Note the following corrections:

Disabling Trace Request on GlassFish 3.0.1 (12650799)

Description

If you apply patch-03 to GlassFish Server 3.0.1 and use the same domain configuration, the trace-enabled attribute is reset to its internal default value of true. This creates a security vulnerability in which some normally secure information is available without the administrator username and password.

Solution

Set the trace-enabled attribute to false. The syntax of the set(1) command is as follows:

asadmin> set config-name.network-config.protocols.protocol.protocol-name.http.trace-enabled="false"

For example:

asadmin> set c1-config.network-config.protocols.protocol.http-1.http.trace-enabled="false"