tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Gainty" <mgai...@hotmail.com>
Subject Re: Webapp file permissions in Tomcat 5.5
Date Sun, 29 Jul 2007 18:01:42 GMT
in $CATALINA_HOME/conf/catalina.policy make these grants so tomcat has permission to the folder
(or specific file)
//substitute in the exact folder location to ${java.home}/lib the - at the end says ALL files
in that folder..

grant codeBase "file:${java.home}/lib/-" {
        permission java.security.AllPermission;
};

HTH/
Martin
--------------------------------------------------------------------------- 
This e-mail message (including attachments, if any) is intended for the use of the individual
or entity to which it is addressed and may contain information that is privileged, proprietary
, confidential and exempt from disclosure. If you are not the intended recipient, you are
notified that any dissemination, distribution or copying of this communication is strictly
prohibited.
--------------------------------------------------------------------------- 
Le présent message électronique (y compris les pièces qui y sont annexées, le cas échéant)
s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé
ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il
est strictement interdit de le diffuser, de le distribuer ou de le reproduire.
----- Original Message ----- 
From: "Len Popp" <len.popp@gmail.com>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Sunday, July 29, 2007 9:57 AM
Subject: Re: Webapp file permissions in Tomcat 5.5


> Have you checked that the user account Tomcat runs under has
> permission to write files in the directory you're using?
> 
> Also, have you tried writing files in the temp directory provided by
> the container? (identified by context attribute
> "javax.servlet.context.tempdir")
> -- 
> Len
> 
> On 7/29/07, Marco <marco@mijnvereniging.info> wrote:
>> Hello,
>>
>>
>>
>>
>>
>> I am having problems making my webapps capable of doing read/write
>> statements. They fail with an 'permission denied' exception.
>>
>> The webapps run on the server with Plesk 8.1.1 and Tomcat 5.5.23-0jpp.2.fc6
>> installed.
>>
>>
>>
>> I use simple statements like:
>>
>>
>>
>> ----------------------------------------------------------------------------
>> ----------------------------------------------
>>
>>     try {
>>
>>       FileWriter filewriter = new
>> FileWriter("/var/www/vhosts/mydomain/httpdocs/test.html");
>>
>>       filewriter.write("Testline\n");
>>
>>       filewriter.close();
>>
>>     }
>>
>>     catch (IOException ex) {
>>
>>     }
>>
>> ----------------------------------------------------------------------------
>> ----------------------------------------------
>>
>>
>>
>> AND
>>
>>
>>
>> ----------------------------------------------------------------------------
>> ----------------------------------------------
>>
>>    Result = new File("/var/www/vhosts/mydomain/httpdocs/testdir").mkdirs();
>>
>> ----------------------------------------------------------------------------
>> ----------------------------------------------
>>
>>
>>
>>
>>
>>
>>
>> I have done a lot of research and testing, but al didn't work out:
>>
>>
>>
>> 1.       Modifying catalina.policy:
>> grant codeBase "file:${catalina.home}/psa-webapps/mydomain/-" {
>> permission java.io.FilePermission "/var/www/vhosts/asbreuk.biz/httpdocs/-",
>> "read";
>> permission java.io.FilePermission "/var/www/vhosts/asbreuk.biz/httpdocs/-",
>> "write";
>> permission java.io.FilePermission "/var/www/vhosts/asbreuk.biz/httpdocs/-",
>> "delete";
>> }
>>
>> 2.       Modifying catalina.policy:
>> grant codeBase "file:${catalina.home}/psa-webapps/mydomain/-" {
>> permission java.security.AllPermission;
>> }
>>
>> 3.       Modifying catalina.policy:
>> grant {
>> .....
>> .....
>> permission java.security.AllPermission;
>> }
>>
>> 4.       I have tried to modify files & directories in different places. The
>> idea was that perhaps some directories worked out fine and others were
>> denied.
>> In practice all directories failed.
>>
>> 5.       Searched the Tomat documentation:
>> http://tomcat.apache.org/tomcat-5.5-doc/security-manager-howto.html
>> All is said that modifying catalina.policy should do the trick. (not in my
>> case.)
>>
>> 6.       Searched the Tomcat FAQ:
>> All is said that modifying catalina.policy should do the trick.
>>
>> 7.       Searched on Google:
>> No solutions found. I found some interesting subject on the java-forum
>> though:
>> http://forum.java.sun.com/thread.jspa?threadID=5134898
>> <http://forum.java.sun.com/thread.jspa?threadID=5134898&messageID=9494541>
>> &messageID=9494541
>> In the end of this subject, it is said that the problem was solved by
>> upgrading from Tomcat 5.5. to Tomcat 6.0
>> Unfortunately, I cannot do this, because Tomcat 5.5.23-0jpp.2.fc6 is part of
>> Plesk 8.1.1.
>>
>>
>>
>>
>>
>> Could you please help me out of this?
>>
>>
>>
>>
>>
>> Kind Regards,
>>
>>
>>
>> Marco.
>>
>>
>>
>>
>>
>>
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
>
Mime
View raw message