tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <>
Subject RE: accessing files external to webapp
Date Tue, 27 Jan 2004 13:54:02 GMT

This doesn't have to do with the security manager.  The classpath
resource locator will only work for things that are on your classpath,
naturally.  For J2EE/servlet containers like tomcat, your classpath is
very precisely defined:
So if your file is not in one of these directories, the classloader
resource lookup won't work.

Another way to access resources inside your webapp is via
ServletContext#getResource.  But since your file is outside the webapp,
this won't work either.  So you have to explicitly name the
directory/file, e.g. via a context-param or init-param in your web.xml,
and do a normal file I/O lookup for it (i.e. File myFile = new
File("/path/to/file"), if myFile.exists()...).

In general, it is desirable to keep your webapp as self-contained as

Yoav Shapira
Millennium ChemInformatics

>-----Original Message-----
>From: Lorrin Nelson []
>Sent: Monday, January 26, 2004 8:57 PM
>To: Tomcat Users List
>Subject: Re: accessing files external to webapp
>Hi again -- I'm still stumped by this problem and looking for help. But
>I did (duh) edit my Tomcat startup script to not use the -security
>option, so now at least I know that whatever's giving me headaches has
>nothing to do with the Security Manager.
>So to summarize -- what do I need to do to access files outside of my
>webapp besides take care of the security manager and Unix file
>permissions? (I thought that was it!) And should I use a mechanism
>than getClassLoader().getResource(path) to do so?
>Lorrin Nelson wrote:
>> Hi - I have what I think is a security permission problem, but I'm
>> sure.
>> I'm migrating an existing webapp from SuSE/Tomcat 4.0 to
>> 4.1. The SuSE box didn't have a security manager, the Debian one
>> In one of the business logic classes, I need to determine if a file
>> external to the webapp exists or not. The check (in a class named
>> is
>>     if (PickManager.class.getClassLoader().getResource(path) == null)
>> Using that technique, I can determine if files exist up to the
>> context path, but no futher. Since it worked fine on the SuSE box,
>> assuming it's a permission problem. However, in an act of desperation
>> went so far as to add
>>   permission;
>> to my grant block for all webapps in
>> /etc/tomcat4/policy.d/04webapps.policy, but still no luck.
>> The file in question is world-readable, so I don't think its a unix
>> permission problem clouding the picture.
>> Anyone have an what might be going on? Is there a diff't technique I
>> should use to check for a files' existence?
>> Thanks!
>> -Lorrin
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> For additional commands, e-mail:
>To unsubscribe, e-mail:
>For additional commands, e-mail:

This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message