[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Servlet AccessControlException

Posted on 2004-10-29
11
Medium Priority
?
574 Views
Last Modified: 2013-11-24
I've written a basic servlet to get the hang server side programming and some problems have come up.

The following code is 'meant' to create an instance of Properties, then if a properties file exists, then load the data.
The properties file contains a list of ip's as the key and the amount of times each ip has visited the site.
In a nutshell, its a basic hit counter.

The problem is that when I run the servlet, it throws a AccessControlException.
"/public_html/admin/" is the path that I'm attempting to write the file to, however I'm not sure if that is the correct path...
On my ftp, the path exists however it's a shared linux server so maybe I'm missing a few things in the path or something...

Anyway, heres the code...

package com.wrenintermedia;

import java.io.File;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;

import java.util.Properties;

import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class HitCounterServlet extends HttpServlet
{
    private static final String path = "/wrenin2/public_html/admin/HitTrackRecord.properties";

    private Properties properties;

    private Logger logger;

    private File propsFile;

    public void init()
    {
        logger     = Logger.getLogger("com.wrenintermedia");
        propsFile  = new File(path);
        properties = new Properties();

        logger.setLevel(Level.ALL);

        try
        {
            if (propsFile.exists())
                  {
                        properties.load(new FileInputStream(propsFile));
                  }
                  else
                  {
                        propsFile.createNewFile();
                  }
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst loading properties", e);
        }            
    }
      
      public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException
      {
            doPost(request, response);
      }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws IOException
    {
        String ip = request.getRemoteAddr();

        String hits = properties.getProperty(ip);

        if (hits != null)
        {
            properties.setProperty(ip, new Integer(hits + 1).toString());
        }
        else
        {
            properties.setProperty(ip, new Integer(1).toString());
        }
    }

    public void destroy()
    {
        try
        {
            properties.store(new FileOutputStream(propsFile), null);
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst saving properties", e);
        }
        finally
        {
            properties = null;
        }            
    }
}

And heres the stack trace...

java.security.AccessControlException: access denied (java.io.FilePermission
/wrenin2/public_html/admin/HitTrackRecord.properties write)
      at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
      at java.security.AccessController.checkPermission(AccessController.java:401)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
      at java.lang.SecurityManager.checkWrite(SecurityManager.java:954)
      at java.io.File.createNewFile(File.java:827)
      at com.wrenintermedia.HitCounterServlet.init(HitCounterServlet.java:43)
      at javax.servlet.GenericServlet.init(GenericServlet.java:82)
      at com.caucho.server.http.Application.createServlet(Application.java:3114)
      at com.caucho.server.http.Application.loadServlet(Application.java:3065)
      at com.caucho.server.http.QServletConfig.loadServlet(QServletConfig.java:435)
      at com.caucho.server.http.Application.getFilterChainServlet(Application.java:2809)
      at com.caucho.server.http.Application.buildFilterChain(Application.java:2765)
      at com.caucho.server.http.Invocation.service(Invocation.java:313)
      at com.caucho.server.http.CacheInvocation.service(CacheInvocation.java:135)
      at com.caucho.server.http.RunnerRequest.handleRequest(RunnerRequest.java:346)
      at com.caucho.server.http.RunnerRequest.handleConnection(RunnerRequest.java:274)
      at com.caucho.server.TcpConnection.run(TcpConnection.java:139)
      at java.lang.Thread.run(Thread.java:534)


Any help would be greatly appriciated.

Cheers

-OBCT
0
Comment
Question by:OBCT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 37

Expert Comment

by:zzynx
ID: 12441985
0
 
LVL 37

Expert Comment

by:zzynx
ID: 12441993
At http://www.mindprod.com/jgloss/applet.html I read:

Applet Restrictions:

To make Applets very safe to run, Applets are severely restricted. Applets (without special permission to bypass security) are not permitted to:
(...)
- read or write local files on the client machine.
  They are not even allowed to look in a directory or test for the existence of a file. You can however read a file (resource) embedded in the jar with Class.getResource or Class.getResourceAsStream. It can also read from the server via a URL. Even when your Applet is loaded from hard disk, it still may not do file I/O even via file: urls.
0
 
LVL 92

Expert Comment

by:objects
ID: 12442015
you don't have permissions to perform that operation.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 92

Expert Comment

by:objects
ID: 12442021
you need to edit the security policy.
0
 
LVL 92

Expert Comment

by:objects
ID: 12442035
And I'm guessing you're running this in an environement where you don't control the securirty policy, and that policy is in place to stop you writing to disk perhaps.
0
 
LVL 9

Author Comment

by:OBCT
ID: 12442194
Thank you both for the quick response.

Zzynz, do the same restrictions apply to servlets as they do with applets?

Objects, yes your right. I can't modify the security policy but I can change the folder permissions (CHMOD?).

So, just to confirm...would the path im using be correct or do I need to specify like /root/ or /usr/ etc?
0
 
LVL 37

Expert Comment

by:zzynx
ID: 12442238
Oh, I mixed up servlets/applets
>> Zzynz, do the same restrictions apply to servlets as they do with applets?
Doubt it. (but don't know for sure)
0
 
LVL 37

Assisted Solution

by:zzynx
zzynx earned 500 total points
ID: 12442301
0
 
LVL 92

Accepted Solution

by:
objects earned 500 total points
ID: 12442755
> I can't modify the security policy but I can change the folder permissions

thats not the problem, the security policy is setup to not allow it.
it has nothing to do with file permissions.

0
 
LVL 9

Author Comment

by:OBCT
ID: 12446568
Thanks guys. :-)
0
 
LVL 37

Expert Comment

by:zzynx
ID: 12452414
thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
In this post we will learn different types of Android Layout and some basics of an Android App.
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question