erro_java.lang.IndexOutOfBoundsException: Index: 0, Size: 0

Estou dsenvolvendo uma aplicação utilizando o eclipse + jsf 2.0 + spring + hibernate e toda vez que vou fazerum operação no banco ele me retorna este erro.

An Error Occurred:
Index: 0, Size: 0
ava.lang.IndexOutOfBoundsException: Index: 0, Size: 0
at java.util.ArrayList.RangeCheck(ArrayList.java:547)
at java.util.ArrayList.get(ArrayList.java:322)
at javax.faces.component.AttachedObjectListHolder.restoreState(AttachedObjectListHolder.java:165)
at javax.faces.component.UIComponentBase.restoreState(UIComponentBase.java:1432)
at com.sun.faces.application.view.StateManagementStrategyImpl$1.visit(StateManagementStrategyImpl.java:265)
at com.sun.faces.component.visit.FullVisitContext.invokeVisitCallback(FullVisitContext.java:151)
at javax.faces.component.UIComponent.visitTree(UIComponent.java:1485)
at javax.faces.component.UIComponent.visitTree(UIComponent.java:1496)
at com.sun.faces.component.visit.VisitUtils.doFullNonIteratingVisit(VisitUtils.java:75)
at com.sun.faces.application.view.StateManagementStrategyImpl.restoreView(StateManagementStrategyImpl.java:257)
at com.sun.faces.application.StateManagerImpl.restoreView(StateManagerImpl.java:181)
at com.sun.faces.application.view.ViewHandlingStrategy.restoreView(ViewHandlingStrategy.java:123)
at com.sun.faces.application.view.FaceletViewHandlingStrategy.restoreView(FaceletViewHandlingStrategy.java:448)
at com.sun.faces.application.view.MultiViewHandler.restoreView(MultiViewHandler.java:148)
at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:187)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:111)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at financeiro.web.filter.ConexaoHibernateFilter.doFilter(ConexaoHibernateFilter.java:14)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:369)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:112)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:168)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:291)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)

poste seu bean, mostrando a parte que acessa o banco

Meu bean
package financeiro.web;

import java.util.Calendar;

import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
import javax.faces.context.FacesContext;
import java.util.List;

import financeiro.usuario.Usuario;
import financeiro.usuario.UsuarioRN;

//o bean é uma classe java qie fica entre a pagina web as classes java normal, ou as operações realizadas.
@ManagedBean(name=“usuarioBean”)
@RequestScoped
public class UsuarioBean {
private Usuario usuario = new Usuario();
private String confirmarSenha;
private List lista;
private String destinoSalvar;

public Usuario getUsuario() {
	return usuario;
}
public void setUsuario(Usuario usuario) {
	this.usuario = usuario;
}	
public String getConfirmarSenha() {
	return confirmarSenha;
}
public void setConfirmarSenha(String confirmarSenha) {
	this.confirmarSenha = confirmarSenha;
}


public String getDestinoSalvar() {
	return destinoSalvar;
}
public void setDestinoSalvar(String destinoSalvar) {
	this.destinoSalvar = destinoSalvar;
}
public String novo(){
	this.destinoSalvar = "usuarioSucesso";
	this.usuario = new Usuario();
	this.usuario.setAtivo(true);
	return "usuario";
}

public String editar(){
	this.confirmarSenha = this.usuario.getSenha();
	return "/publico/usuario";
}
public String salvar(){
	FacesContext context= FacesContext.getCurrentInstance();
	
	String senha = this.usuario.getSenha();
	if(!senha.equals(this.confirmarSenha)){
		FacesMessage facesMessage = new FacesMessage("A senha não foi confirmada corretamente");
		context.addMessage(null,facesMessage);
		return null;
	}
	UsuarioRN usuarioRN = new UsuarioRN();
	usuarioRN.salvar(usuario);
	
	return this.destinoSalvar;
}
public String excluir(){
	UsuarioRN usuarioRN = new UsuarioRN();
	usuarioRN.excluir(this.usuario);
	this.lista = null;
	return null;
}
public String ativar(){
	if(this.usuario.isAtivo())
		this.usuario.setAtivo(false);
	else
		this.usuario.setAtivo(true);		
	UsuarioRN usuarioRN = new UsuarioRN();
	usuarioRN.salvar(this.usuario);
	return null;
}
public List<Usuario> getLista(){
	if(this.lista == null){
		UsuarioRN usuarioRN = new UsuarioRN();
		this.lista = usuarioRN.listar();
	}
	return this.lista;
}
public String atribuiPermissao(Usuario usuario,String permissao){
	this.usuario = usuario;
	java.util.Set<String> permissoes = this.usuario.getPermissao();
	if (permissoes.contains(permissao)){
		permissoes.remove(permissao);
	}else{
		permissoes.add(permissao);
	}
	return null ;
}

}

Minha dao
package financeiro.usuario;
import java.util.List;
//esta classe contem apenas as assinaturas dos metodos refentes as operações em banco
public interface UsuarioDao {
public void salvar(Usuario usuario);
public void atualizar(Usuario usuario);
public void excluir(Usuario usuario);
public Usuario carregar(Integer codigo);
public Usuario buscarPorLogin(String login);
public List listar();
}

Minha DaoHibernate
package financeiro.usuario;
import java.util.List;
//esta classe contem apenas as assinaturas dos metodos refentes as operações em banco
public interface UsuarioDao {
public void salvar(Usuario usuario);
public void atualizar(Usuario usuario);
public void excluir(Usuario usuario);
public Usuario carregar(Integer codigo);
public Usuario buscarPorLogin(String login);
public List listar();
}

Meu applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>

<b:beans xmlns=“http://www.springframework.org/schema/security
xmlns:b=“http://www.springframework.org/schema/beans
xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance
xsi:schemaLocation=“http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd”>






<authentication-manager>
	<authentication-provider>
		<jdbc-user-service data-source-ref="financeiroDataSource"
			authorities-by-username-query="SELECT u.login, p.permissao 
										 FROM usuario u, usuario_permissao p 
										WHERE u.codigo = p.usuario 
										  AND u.login = ?"
			users-by-username-query="SELECT login, senha, ativo 
								   FROM usuario 
								  WHERE login = ?" />
	</authentication-provider>
</authentication-manager>

</b:beans>