File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes acces denied java.io.FilePermission Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "acces denied java.io.FilePermission " Watch "acces denied java.io.FilePermission " New topic
Author

acces denied java.io.FilePermission

Alexandre Cuvillier
Greenhorn

Joined: Feb 24, 2003
Posts: 3
Hi,
I have a sun cobalt linux server.
With Apache tomcat installed.
The jsp pages work properly, the problem is when I call a classe.
java.security.AccessControlException: access denied (java.io.FilePermission /home/.sites/143/site2/web/WEB-INF/classes read)
Here is my tmcat policy, I tried to grant for everything but there is nothing to do
// Permissions for tomcat.
// javac
grant codeBase "file:${java.home}/../lib/-" {
permission java.security.AllPermission;
};
grant {
// Allow everything for now
permission java.security.AllPermission;
};
// Tomcat gets all permissions
grant codeBase "file:${tomcat.home}/lib/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${tomcat.home}/classes/-" {
permission java.security.AllPermission;
};
// Example webapp policy
// By default Tomcat grants read access on webapp dir and read of the
// line.separator, path.separator, and file.separator PropertyPermissions.
// Any permissions you grant here are in addition to the default.
// Disabled for Cobalt Linux
// grant codeBase "file:${tomcat.home}/webapps/matchcote" {
// Allow the example web application to read all java properties
// permission java.util.PropertyPermission "*", "read,write,delete";
// };
grant
{ permission java.util.PropertyPermission "*", "read";
}
grant {
// OS Specific properties to allow read access
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
// JVM properties to allow read access
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "file.separator", "read";
};
grant codeBase "file:/home/sites/www.matchcote.com/web/-" {
permission java.net.SocketPermission "localhost:1024-", "listen,connect,resolve";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
};
grant codeBase "file:/home/.sites/143/site2/web/-" {
permission SocketPermission "localhost:1024-", "listen,connect,resolve";
permission java.util.PropertyPermission "*", "read,write";
permission java.io.FilePermission "/home/.sites/143/site2/-", "read,write,delete";
permission java.io.FilePermission "/home/.sites/143/site2/web/WEB-INF/classes/*", "read,write";
permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
};
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16158
    
  21

Unlike applets, J2EE servers aren't constrained in their ability to access local files = at least unless you override the standard access rules. However, you can get this error if the Tomcat process doesn't have OS-level access to the file even though you have Java access rights.
Or, in other words, OS access limitations supercede Java permissions.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: acces denied java.io.FilePermission