Servlet AccessControlException

I've written a basic servlet to get the hang server side programming and some problems have come up.

The following code is 'meant' to create an instance of Properties, then if a properties file exists, then load the data.
The properties file contains a list of ip's as the key and the amount of times each ip has visited the site.
In a nutshell, its a basic hit counter.

The problem is that when I run the servlet, it throws a AccessControlException.
"/public_html/admin/" is the path that I'm attempting to write the file to, however I'm not sure if that is the correct path...
On my ftp, the path exists however it's a shared linux server so maybe I'm missing a few things in the path or something...

Anyway, heres the code...

package com.wrenintermedia;

import java.io.File;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;

import java.util.Properties;

import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class HitCounterServlet extends HttpServlet
{
    private static final String path = "/wrenin2/public_html/admin/HitTrackRecord.properties";

    private Properties properties;

    private Logger logger;

    private File propsFile;

    public void init()
    {
        logger     = Logger.getLogger("com.wrenintermedia");
        propsFile  = new File(path);
        properties = new Properties();

        logger.setLevel(Level.ALL);

        try
        {
            if (propsFile.exists())
                  {
                        properties.load(new FileInputStream(propsFile));
                  }
                  else
                  {
                        propsFile.createNewFile();
                  }
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst loading properties", e);
        }            
    }
      
      public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException
      {
            doPost(request, response);
      }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws IOException
    {
        String ip = request.getRemoteAddr();

        String hits = properties.getProperty(ip);

        if (hits != null)
        {
            properties.setProperty(ip, new Integer(hits + 1).toString());
        }
        else
        {
            properties.setProperty(ip, new Integer(1).toString());
        }
    }

    public void destroy()
    {
        try
        {
            properties.store(new FileOutputStream(propsFile), null);
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst saving properties", e);
        }
        finally
        {
            properties = null;
        }            
    }
}

And heres the stack trace...

java.security.AccessControlException: access denied (java.io.FilePermission
/wrenin2/public_html/admin/HitTrackRecord.properties write)
      at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
      at java.security.AccessController.checkPermission(AccessController.java:401)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
      at java.lang.SecurityManager.checkWrite(SecurityManager.java:954)
      at java.io.File.createNewFile(File.java:827)
      at com.wrenintermedia.HitCounterServlet.init(HitCounterServlet.java:43)
      at javax.servlet.GenericServlet.init(GenericServlet.java:82)
      at com.caucho.server.http.Application.createServlet(Application.java:3114)
      at com.caucho.server.http.Application.loadServlet(Application.java:3065)
      at com.caucho.server.http.QServletConfig.loadServlet(QServletConfig.java:435)
      at com.caucho.server.http.Application.getFilterChainServlet(Application.java:2809)
      at com.caucho.server.http.Application.buildFilterChain(Application.java:2765)
      at com.caucho.server.http.Invocation.service(Invocation.java:313)
      at com.caucho.server.http.CacheInvocation.service(CacheInvocation.java:135)
      at com.caucho.server.http.RunnerRequest.handleRequest(RunnerRequest.java:346)
      at com.caucho.server.http.RunnerRequest.handleConnection(RunnerRequest.java:274)
      at com.caucho.server.TcpConnection.run(TcpConnection.java:139)
      at java.lang.Thread.run(Thread.java:534)


Any help would be greatly appriciated.

Cheers

-OBCT
LVL 9
OBCTAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

zzynxSoftware engineerCommented:
0
zzynxSoftware engineerCommented:
At http://www.mindprod.com/jgloss/applet.html I read:

Applet Restrictions:

To make Applets very safe to run, Applets are severely restricted. Applets (without special permission to bypass security) are not permitted to:
(...)
- read or write local files on the client machine.
  They are not even allowed to look in a directory or test for the existence of a file. You can however read a file (resource) embedded in the jar with Class.getResource or Class.getResourceAsStream. It can also read from the server via a URL. Even when your Applet is loaded from hard disk, it still may not do file I/O even via file: urls.
0
objectsCommented:
you don't have permissions to perform that operation.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

objectsCommented:
you need to edit the security policy.
0
objectsCommented:
And I'm guessing you're running this in an environement where you don't control the securirty policy, and that policy is in place to stop you writing to disk perhaps.
0
OBCTAuthor Commented:
Thank you both for the quick response.

Zzynz, do the same restrictions apply to servlets as they do with applets?

Objects, yes your right. I can't modify the security policy but I can change the folder permissions (CHMOD?).

So, just to confirm...would the path im using be correct or do I need to specify like /root/ or /usr/ etc?
0
zzynxSoftware engineerCommented:
Oh, I mixed up servlets/applets
>> Zzynz, do the same restrictions apply to servlets as they do with applets?
Doubt it. (but don't know for sure)
0
objectsCommented:
> I can't modify the security policy but I can change the folder permissions

thats not the problem, the security policy is setup to not allow it.
it has nothing to do with file permissions.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
OBCTAuthor Commented:
Thanks guys. :-)
0
zzynxSoftware engineerCommented:
thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java EE

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.