I'm trying to deploy a web application to NetWeaver 6.40 patch 102141.313 -- this is the latest free trial version.
The web application has a servlet, and that servlet has 2 distinct mappings.
One of the mappings is a protected web resource, the other is not.
When I try to go to the protected mapping, I get a 500 HTTP status. The cause is a StringArrayOutOfBounds error.
User Guest, IP address
Cannot check HTTP request for mapped servlets and filters. HTTP error [500 Internal Server Error] will be returned.
java.lang.StringIndexOutOfBoundsException: String index out of range: 27
at java.lang.String.charAt(String.java:444)
at com.sap.engine.services.servlets_jsp.server.runtime.context.SessionServletContext.findMapping(SessionServletContext.java:813)
at com.sap.engine.services.servlets_jsp.server.runtime.context.SessionServletContext.checkUser(SessionServletContext.java:252)
at com.sap.engine.services.servlets_jsp.server.runtime.context.ApplicationContext.checkMap(ApplicationContext.java:417)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.checkRequest(HttpHandlerImpl.java:68)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:826)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
The following web.xml will reproduce the problem if you just create a single hello.jsp to go with it.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<web-app>
<display-name>test</display-name>
<servlet>
<servlet-name>hello</servlet-name>
<display-name>hello</display-name>
<jsp-file>/hello.jsp</jsp-file>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>hello</servlet-name>
<url-pattern>/a/hello/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>hello</servlet-name>
<url-pattern>/b/hello/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>60</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>testSecurityZone</web-resource-name>
<url-pattern>/a/hello/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description>Role required</description>
<role-name>Guest</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name></realm-name>
</login-config>
<security-role>
<description>A Role or all authenticated users</description>
<role-name>Guest</role-name>
</security-role>
</web-app>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.