 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / General / September 2006give servlet permission to create file
Hi! I am creating a servlet that uploads a file from the users computer to my servers computer. When I write the file to the server I am getting continually an access denied message. Which sux, because Im paying for the space on the serve, why cant I write to it programatically?! Anyway Im wondering if there is a certain server setting that I can ask them to change, or a permission that i should be asking for, or something. I mean surely other people must want to write files to their servers, right? Thanks for any (non-evil) thoughts, including a better hosting service that is cheap (not making any money off of site). Thanks! Error message is below. org.apache.jasper.JasperException: access denied (java.io.FilePermission /pleaseWork.jb write) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:372) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) sun.reflect.GeneratedMethodAccessor326.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) java.lang.reflect.Method.invoke(Method.java:585) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:239) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:517) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:266) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157) and we're using apache tomcat as the server... > Hi! > [quoted text clipped - 29 lines] > org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:266) > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:157) .... > I am creating a servlet that uploads a file from the users computer to > my servers computer. ... > org.apache.jasper.JasperException: access denied > (java.io.FilePermission /pleaseWork.jb write) I *suspect* 1) that your host *does* allow writing to files, but files located within your own directories. 2) Anything pointing to the 'root' e.g. file '/..' is in *their* directories, rather than yours. You might try a 'getRealPath' to find where that file is really (trying) to go. Andrew T. I just called my hosting company, who say I have all the appropriate access priviledges... Which I would rather not believe, but they say its true... Here is what my code reads as: String curDir = application.getRealPath(""); System.out.println(curDir); File filFile = new File(curDir + "/pleaseWork.txt"); out.println(filFile.getAbsolutePath()); //filFile.createNewFile(); //breaks here! any idea what IM doing wrong?!?!! > .... > > I am creating a servlet that uploads a file from the users computer to [quoted text clipped - 13 lines] > > Andrew T. Please refrain from top-posting - I find it most confusing. > I just called my hosting company, who say I have all the appropriate > access priviledges... > > Which I would rather not believe, but they say its true... I believe them. Their answer does not surprise me. (I have heard similar answers from my own web-host/s!) > Here is what my code reads as: > > String curDir = application.getRealPath(""); > System.out.println(curDir); When I suggested using getRealPath, what I meant was .. a) Use getRealPath on the string that indicates 'root' - "/". b) Print the result. c) Tell *us* that result here... Andrew T. Trying to write a file using FIle x = new File (var + "myNewFile.txt"); where var equals.... BAD -> request.getServletPath() BAD -> request.getRemoteHost() BAD -> request.getRemoteAddr() BAD -> request.getRequestURL() BAD -> getServletContext().getRealPath("/") :( Im at a lose. What am I doing wrong? My hosting company tells me that I have all the proper permissions. > Please refrain from top-posting - I find it most confusing. > [quoted text clipped - 18 lines] > > Andrew T. sorry, I did not print the path that was generated. Since they restart the server at 3am, I uploaded a new file, outputting the path. So tomorrow I will be able to write the path here... > Trying to write a file using > [quoted text clipped - 39 lines] > > > > Andrew T. Noted your next post, but just quickly.. > Trying to write .. Stop! Let's just find out exactly where we are before anyone tries writing (or even thinking of writing) anything. >...a file using > > FIle x = new File (var + "myNewFile.txt"); Now. Drop the filename for the moment and try the file name "." to indicate 'the current directory' as understood by the server at this moment in time. Then (assuming even that is successful) try printing it out to ..HTML or whatever. Also, please refrain from top-posting. I find it most confusing. Andrew T. > Noted your next post, but just quickly.. > [quoted text clipped - 19 lines] > > Andrew T. will try tonight. Will report results tomorrow morning, if I am asleep before 4am > > Noted your next post, but just quickly.. > > [quoted text clipped - 19 lines] > > > > Andrew T. Problem. It gets the path to c:\tomcat\, Im on a shared hosting plan. I dont think that they will tell me what the path is to my home directory... Ill give it a shot anyway. Any other ideas? > > > Noted your next post, but just quickly.. > > > [quoted text clipped - 24 lines] > It gets the path to c:\tomcat\, Im on a shared hosting plan. I dont > think that they will tell me what the path is to my home directory... Oh duh. It links to the current SET working directory! maybe Ill be lucky :) only tried it on my tomcat server, where the home directory was set to c:\tomcat > Ill give it a shot anyway. > > Any other ideas? > Noted your next post, but just quickly.. > [quoted text clipped - 19 lines] > > Andrew T. None of it is working. The second I call myFile.createNewFile(); it breaks every time. The closest I think Ive come to a solution is being able to print out the this.getServletContext().getRealPath("/") /var/chroot/home/content/a/d/a/adartie2/html/ where I still cant create a file in that directory. what a pain in my arse. I feel lost. Before I continue I should point out that I am hoping some of the server-side guru's can jump into this thread, it's a while since I've uses the server stuff and I'm a little rusty. .. > > > FIle x = new File (var + "myNewFile.txt"); > > [quoted text clipped - 4 lines] > > Then (assuming even that is successful) try > > printing it out to ..HTML or whatever. ... > None of it is working. The second I call myFile.createNewFile(); it > breaks every time. Like I said - until you're confident you know where you are in the structure (or perhaps convince *me* that you are attempting to write into your home directories), writing is a bit premature.. but.. > The closest I think Ive come to a solution is being able to print out > the > this.getServletContext().getRealPath("/") > /var/chroot/home/content/a/d/a/adartie2/html/ OK.. where is that in relation to your site? If I visit the domain, and end up getting served the /index.html (or whatever is your default homepage) ..where would that file live, within the path shown above? I am guessing it is either .. /var/chroot/home/content/index.html ..or.. /var/chroot/home/content/a/d/a/adartie2/html/index.html Is either of those correct? Andrew T. > Before I continue I should point out that I am hoping > some of the server-side guru's can jump into this [quoted text clipped - 36 lines] > > Andrew T. Thanks for the response Andrew. I scoured my hosting company's site, and found this: " This is the absolute path for your Linux hosting account: /home/content/1/2/3/username/html/ Where "/1/2/3/" are the first three letters of your user name and "username" is the user name you used to set up your hosting account. For example, if your user name were "johndoe," then your absolute path would be: /home/content/j/o/h/johndoe/html " so in addition to your suggestions, I tried to write the new file to /home/content/a/d/a/adartie2/k.txt still no luck. :( .... > This is the absolute path for your Linux hosting account: > [quoted text clipped - 9 lines] > so in addition to your suggestions, I tried to write the new file to > /home/content/a/d/a/adartie2/k.txt That would make it the directory *above* your main homepage directory.. I am not sure if site users (you) are supposed to be able to programmatically write files there! Why not try writing a file in ..... /home/content/a/d/a/adartie2/html/temp/a.txt (Note the 'temp' directory to keep these file(s) separate from your real site, make that directory first, manually). BTW - Did you say something rude to the server people around here? I am wonderrring why not one of them has jumped in to point out the errors I am making.. Andrew T. I got it.... sort of. my host is only allowing me to write to the \tmp\ directory. Which sux, but Ill deal with it. I guess im giong to have to email myself the files as they come in. That was the problem, Im not allowed to write to my actual account directory. Isnt that ridiculous? Perhaps I should consider changing hosts. Thank you so much for your help! Ive learned a lot from you. > Before I continue I should point out that I am hoping > some of the server-side guru's can jump into this [quoted text clipped - 36 lines] > > Andrew T. > I got it.... sort of. > [quoted text clipped - 4 lines] > That was the problem, Im not allowed to write to my actual account > directory. It does strike me as 'familiar' that there are only specific areas into which you can write. I can't say that 'temp' sounds right, but I'd defer to the server operators. >..Isnt that ridiculous? No. Servers are *very* carefully controlled, for good reason. A problem that allows a malicious or stupid end user, or faulty code, to (for example) attempt a write of 54Gig might be something that not only brings your site crashing down, but probably the server and everyone else's sites! If they can help avoid that by limiting site owners to writing in specific dirrectories, it is a benefit to all who have sites coming off that server. >...Perhaps I should consider changing hosts. I wold not recommend being so rash. Nothing you have told me about this host really surprises me, & I suspect any other host will have similar restrictions. > Thank you so much for your help! You're welcome. >...Ive learned a lot from you. ...hmmm. Trouble is - I still have a lot to learn about it! ( Have you heard the saying 'the blind leading the blind'? ;) Andrew T. >( Have you heard the saying 'the blind leading the blind'? ;) of course, but perhaps that way both will learn how to see. > > I got it.... sort of. > > [quoted text clipped - 40 lines] > > Andrew T. "tiewknvc9" <aotemp@hotmail.com> said: >I just called my hosting company, who say I have all the appropriate >access priviledges... > >Which I would rather not believe, but they say its true... ... >Here is what my code reads as: > [quoted text clipped - 4 lines] > >out.println(filFile.getAbsolutePath()); Well, what do you get printed as the current directory? Does it look like something to which you should have write access?  SignatureWolf a.k.a. Juha Laiho Espoo, Finland (GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++ "...cancel my subscription to the resurrection!" (Jim Morrison) >When I write the file to the server I am getting continually an access >denied message. Which sux, because Im paying for the space on the [quoted text clipped - 4 lines] >something. I mean surely other people must want to write files to >their servers, right? >org.apache.jasper.JasperException: access denied >(java.io.FilePermission /pleaseWork.jb write) We were having very similar issues in our hosted environment. It turned out that the Tomcat Security Manager had been enabled, and basically denied everything by default. So they had to go tweak the policies to allow the things we needed. In addition to file access permissions, we had problems with sockets and also accessing system properties. Take a look at the following links... there is probably something similar in the tomcat 5.x documentation as well. http://tomcat.apache.org/tomcat-4.1-doc/security-manager-howto.html http://tomcat.apache.org/tomcat-3.3-doc/tomcat-security.html The policy files are: $CATALINA_HOME/conf/catalina.policy $JAVA_HOME/jre/lib/security/java.policy Good luck... scott I hope its not security! I actually asked them if I had the proper permissions, and they said that I did. They could always be screwing with me though.... If I cant get it to work in the next few days, Im going to have to find a new host :( > >When I write the file to the server I am getting continually an access > >denied message. Which sux, because Im paying for the space on the [quoted text clipped - 28 lines] > > scott Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.