Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Tomcat Users »

Re: accessing files external to webapp

Lorrin Nelson

2004-01-26

Replies:

Hi again -- I'm still stumped by this problem and looking for help. But
I did (duh) edit my Tomcat startup script to not use the -security
option, so now at least I know that whatever's giving me headaches has
nothing to do with the Security Manager.

So to summarize -- what do I need to do to access files outside of my
webapp besides take care of the security manager and Unix file
permissions? (I thought that was it!) And should I use a mechanism other
than getClassLoader().getResource(path) to do so?

Thanks!

-Lorrin


Lorrin Nelson wrote:
> Hi - I have what I think is a security permission problem, but I'm not
> sure.
>
> I'm migrating an existing webapp from SuSE/Tomcat 4.0 to Debian/Tomcat
> 4.1. The SuSE box didn't have a security manager, the Debian one does.
>
> In one of the business logic classes, I need to determine if a file
> external to the webapp exists or not. The check (in a class named
> PickManager.java) is
>   if (PickManager.class.getClassLoader().getResource(path) == null)
>
> Using that technique, I can determine if files exist up to the webapps'
> context path, but no futher. Since it worked fine on the SuSE box, I'm
> assuming it's a permission problem. However, in an act of desperation I
> went so far as to add
>
>  permission java.security.AllPermission;
>
> to my grant block for all webapps in
> /etc/tomcat4/policy.d/04webapps.policy, but still no luck.
>
> The file in question is world-readable, so I don't think its a unix file
> permission problem clouding the picture.
>
> Anyone have an what might be going on? Is there a diff't technique I
> should use to check for a files' existence?
>
> Thanks!
>
> -Lorrin
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
> For additional commands, e-mail: tomcat-user-help@(protected)
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)



©2008 junlu.com - Jax Systems, LLC, U.S.A.