OBCT
asked on
Servlet AccessControlException
I've written a basic servlet to get the hang server side programming and some problems have come up.
The following code is 'meant' to create an instance of Properties, then if a properties file exists, then load the data.
The properties file contains a list of ip's as the key and the amount of times each ip has visited the site.
In a nutshell, its a basic hit counter.
The problem is that when I run the servlet, it throws a AccessControlException.
"/public_html/admin/" is the path that I'm attempting to write the file to, however I'm not sure if that is the correct path...
On my ftp, the path exists however it's a shared linux server so maybe I'm missing a few things in the path or something...
Anyway, heres the code...
package com.wrenintermedia;
import java.io.File;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpSer vlet;
import javax.servlet.http.HttpSer vletReques t;
import javax.servlet.http.HttpSer vletRespon se;
public class HitCounterServlet extends HttpServlet
{
private static final String path = "/wrenin2/public_html/admi n/HitTrack Record.pro perties";
private Properties properties;
private Logger logger;
private File propsFile;
public void init()
{
logger = Logger.getLogger("com.wren intermedia ");
propsFile = new File(path);
properties = new Properties();
logger.setLevel(Level.ALL) ;
try
{
if (propsFile.exists())
{
properties.load(new FileInputStream(propsFile) );
}
else
{
propsFile.createNewFile();
}
}
catch (IOException e)
{
e.printStackTrace();
logger.log(Level.SEVERE, "An IO Exception has occured whilst loading properties", e);
}
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException
{
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException
{
String ip = request.getRemoteAddr();
String hits = properties.getProperty(ip) ;
if (hits != null)
{
properties.setProperty(ip, new Integer(hits + 1).toString());
}
else
{
properties.setProperty(ip, new Integer(1).toString());
}
}
public void destroy()
{
try
{
properties.store(new FileOutputStream(propsFile ), null);
}
catch (IOException e)
{
e.printStackTrace();
logger.log(Level.SEVERE, "An IO Exception has occured whilst saving properties", e);
}
finally
{
properties = null;
}
}
}
And heres the stack trace...
java.security.AccessContro lException : access denied (java.io.FilePermission
/wrenin2/public_html/admin /HitTrackR ecord.prop erties write)
at java.security.AccessContro lContext.c heckPermis sion(Acces sControlCo ntext.java :269)
at java.security.AccessContro ller.check Permission (AccessCon troller.ja va:401)
at java.lang.SecurityManager. checkPermi ssion(Secu rityManage r.java:524 )
at java.lang.SecurityManager. checkWrite (SecurityM anager.jav a:954)
at java.io.File.createNewFile (File.java :827)
at com.wrenintermedia.HitCoun terServlet .init(HitC ounterServ let.java:4 3)
at javax.servlet.GenericServl et.init(Ge nericServl et.java:82 )
at com.caucho.server.http.App lication.c reateServl et(Applica tion.java: 3114)
at com.caucho.server.http.App lication.l oadServlet (Applicati on.java:30 65)
at com.caucho.server.http.QSe rvletConfi g.loadServ let(QServl etConfig.j ava:435)
at com.caucho.server.http.App lication.g etFilterCh ainServlet (Applicati on.java:28 09)
at com.caucho.server.http.App lication.b uildFilter Chain(Appl ication.ja va:2765)
at com.caucho.server.http.Inv ocation.se rvice(Invo cation.jav a:313)
at com.caucho.server.http.Cac heInvocati on.service (CacheInvo cation.jav a:135)
at com.caucho.server.http.Run nerRequest .handleReq uest(Runne rRequest.j ava:346)
at com.caucho.server.http.Run nerRequest .handleCon nection(Ru nnerReques t.java:274 )
at com.caucho.server.TcpConne ction.run( TcpConnect ion.java:1 39)
at java.lang.Thread.run(Threa d.java:534 )
Any help would be greatly appriciated.
Cheers
-OBCT
The following code is 'meant' to create an instance of Properties, then if a properties file exists, then load the data.
The properties file contains a list of ip's as the key and the amount of times each ip has visited the site.
In a nutshell, its a basic hit counter.
The problem is that when I run the servlet, it throws a AccessControlException.
"/public_html/admin/" is the path that I'm attempting to write the file to, however I'm not sure if that is the correct path...
On my ftp, the path exists however it's a shared linux server so maybe I'm missing a few things in the path or something...
Anyway, heres the code...
package com.wrenintermedia;
import java.io.File;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpSer
import javax.servlet.http.HttpSer
import javax.servlet.http.HttpSer
public class HitCounterServlet extends HttpServlet
{
private static final String path = "/wrenin2/public_html/admi
private Properties properties;
private Logger logger;
private File propsFile;
public void init()
{
logger = Logger.getLogger("com.wren
propsFile = new File(path);
properties = new Properties();
logger.setLevel(Level.ALL)
try
{
if (propsFile.exists())
{
properties.load(new FileInputStream(propsFile)
}
else
{
propsFile.createNewFile();
}
}
catch (IOException e)
{
e.printStackTrace();
logger.log(Level.SEVERE, "An IO Exception has occured whilst loading properties", e);
}
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException
{
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException
{
String ip = request.getRemoteAddr();
String hits = properties.getProperty(ip)
if (hits != null)
{
properties.setProperty(ip,
}
else
{
properties.setProperty(ip,
}
}
public void destroy()
{
try
{
properties.store(new FileOutputStream(propsFile
}
catch (IOException e)
{
e.printStackTrace();
logger.log(Level.SEVERE, "An IO Exception has occured whilst saving properties", e);
}
finally
{
properties = null;
}
}
}
And heres the stack trace...
java.security.AccessContro
/wrenin2/public_html/admin
at java.security.AccessContro
at java.security.AccessContro
at java.lang.SecurityManager.
at java.lang.SecurityManager.
at java.io.File.createNewFile
at com.wrenintermedia.HitCoun
at javax.servlet.GenericServl
at com.caucho.server.http.App
at com.caucho.server.http.App
at com.caucho.server.http.QSe
at com.caucho.server.http.App
at com.caucho.server.http.App
at com.caucho.server.http.Inv
at com.caucho.server.http.Cac
at com.caucho.server.http.Run
at com.caucho.server.http.Run
at com.caucho.server.TcpConne
at java.lang.Thread.run(Threa
Any help would be greatly appriciated.
Cheers
-OBCT
Does this help? https://www.experts-exchange.com/questions/21036388/java-security-AccessControlException-Error-need-help.html
At http://www.mindprod.com/jgloss/applet.html I read:
Applet Restrictions:
To make Applets very safe to run, Applets are severely restricted. Applets (without special permission to bypass security) are not permitted to:
(...)
- read or write local files on the client machine.
They are not even allowed to look in a directory or test for the existence of a file. You can however read a file (resource) embedded in the jar with Class.getResource or Class.getResourceAsStream. It can also read from the server via a URL. Even when your Applet is loaded from hard disk, it still may not do file I/O even via file: urls.
Applet Restrictions:
To make Applets very safe to run, Applets are severely restricted. Applets (without special permission to bypass security) are not permitted to:
(...)
- read or write local files on the client machine.
They are not even allowed to look in a directory or test for the existence of a file. You can however read a file (resource) embedded in the jar with Class.getResource or Class.getResourceAsStream.
you don't have permissions to perform that operation.
you need to edit the security policy.
And I'm guessing you're running this in an environement where you don't control the securirty policy, and that policy is in place to stop you writing to disk perhaps.
ASKER
Thank you both for the quick response.
Zzynz, do the same restrictions apply to servlets as they do with applets?
Objects, yes your right. I can't modify the security policy but I can change the folder permissions (CHMOD?).
So, just to confirm...would the path im using be correct or do I need to specify like /root/ or /usr/ etc?
Zzynz, do the same restrictions apply to servlets as they do with applets?
Objects, yes your right. I can't modify the security policy but I can change the folder permissions (CHMOD?).
So, just to confirm...would the path im using be correct or do I need to specify like /root/ or /usr/ etc?
Oh, I mixed up servlets/applets
>> Zzynz, do the same restrictions apply to servlets as they do with applets?
Doubt it. (but don't know for sure)
>> Zzynz, do the same restrictions apply to servlets as they do with applets?
Doubt it. (but don't know for sure)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys. :-)
thanks