William already mentioned that it has to do with the security policy your application uses. It looks like your web app has restricted permissions (eg, cannot access certain files)
Security policy is defined in the .policy files and can be passed as a parameter to the JVM at the start-up time (this is applicable to the standalone applications).
The default security policy used in the Tomcat is defined in the catalina.policy file that you will find in <tomcat_home>\conf folder. I suggest that you look into this file as it explains how to define security policy for a particular web application.