Servlet AccessControlException

I've written a basic servlet to get the hang server side programming and some problems have come up.

The following code is 'meant' to create an instance of Properties, then if a properties file exists, then load the data.
The properties file contains a list of ip's as the key and the amount of times each ip has visited the site.
In a nutshell, its a basic hit counter.

The problem is that when I run the servlet, it throws a AccessControlException.
"/public_html/admin/" is the path that I'm attempting to write the file to, however I'm not sure if that is the correct path...
On my ftp, the path exists however it's a shared linux server so maybe I'm missing a few things in the path or something...

Anyway, heres the code...

package com.wrenintermedia;

import java.io.File;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;

import java.util.Properties;

import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class HitCounterServlet extends HttpServlet
{
    private static final String path = "/wrenin2/public_html/admin/HitTrackRecord.properties";

    private Properties properties;

    private Logger logger;

    private File propsFile;

    public void init()
    {
        logger     = Logger.getLogger("com.wrenintermedia");
        propsFile  = new File(path);
        properties = new Properties();

        logger.setLevel(Level.ALL);

        try
        {
            if (propsFile.exists())
                  {
                        properties.load(new FileInputStream(propsFile));
                  }
                  else
                  {
                        propsFile.createNewFile();
                  }
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst loading properties", e);
        }            
    }
      
      public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException
      {
            doPost(request, response);
      }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws IOException
    {
        String ip = request.getRemoteAddr();

        String hits = properties.getProperty(ip);

        if (hits != null)
        {
            properties.setProperty(ip, new Integer(hits + 1).toString());
        }
        else
        {
            properties.setProperty(ip, new Integer(1).toString());
        }
    }

    public void destroy()
    {
        try
        {
            properties.store(new FileOutputStream(propsFile), null);
        }
        catch (IOException e)
        {
            e.printStackTrace();

            logger.log(Level.SEVERE, "An IO Exception has occured whilst saving properties", e);
        }
        finally
        {
            properties = null;
        }            
    }
}

And heres the stack trace...

java.security.AccessControlException: access denied (java.io.FilePermission
/wrenin2/public_html/admin/HitTrackRecord.properties write)
      at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
      at java.security.AccessController.checkPermission(AccessController.java:401)
      at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
      at java.lang.SecurityManager.checkWrite(SecurityManager.java:954)
      at java.io.File.createNewFile(File.java:827)
      at com.wrenintermedia.HitCounterServlet.init(HitCounterServlet.java:43)
      at javax.servlet.GenericServlet.init(GenericServlet.java:82)
      at com.caucho.server.http.Application.createServlet(Application.java:3114)
      at com.caucho.server.http.Application.loadServlet(Application.java:3065)
      at com.caucho.server.http.QServletConfig.loadServlet(QServletConfig.java:435)
      at com.caucho.server.http.Application.getFilterChainServlet(Application.java:2809)
      at com.caucho.server.http.Application.buildFilterChain(Application.java:2765)
      at com.caucho.server.http.Invocation.service(Invocation.java:313)
      at com.caucho.server.http.CacheInvocation.service(CacheInvocation.java:135)
      at com.caucho.server.http.RunnerRequest.handleRequest(RunnerRequest.java:346)
      at com.caucho.server.http.RunnerRequest.handleConnection(RunnerRequest.java:274)
      at com.caucho.server.TcpConnection.run(TcpConnection.java:139)
      at java.lang.Thread.run(Thread.java:534)


Any help would be greatly appriciated.

Cheers

-OBCT
LVL 9
OBCTAsked:
Who is Participating?
 
objectsConnect With a Mentor Commented:
> I can't modify the security policy but I can change the folder permissions

thats not the problem, the security policy is setup to not allow it.
it has nothing to do with file permissions.

0
 
zzynxSoftware engineerCommented:
0
 
zzynxSoftware engineerCommented:
At http://www.mindprod.com/jgloss/applet.html I read:

Applet Restrictions:

To make Applets very safe to run, Applets are severely restricted. Applets (without special permission to bypass security) are not permitted to:
(...)
- read or write local files on the client machine.
  They are not even allowed to look in a directory or test for the existence of a file. You can however read a file (resource) embedded in the jar with Class.getResource or Class.getResourceAsStream. It can also read from the server via a URL. Even when your Applet is loaded from hard disk, it still may not do file I/O even via file: urls.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
objectsCommented:
you don't have permissions to perform that operation.
0
 
objectsCommented:
you need to edit the security policy.
0
 
objectsCommented:
And I'm guessing you're running this in an environement where you don't control the securirty policy, and that policy is in place to stop you writing to disk perhaps.
0
 
OBCTAuthor Commented:
Thank you both for the quick response.

Zzynz, do the same restrictions apply to servlets as they do with applets?

Objects, yes your right. I can't modify the security policy but I can change the folder permissions (CHMOD?).

So, just to confirm...would the path im using be correct or do I need to specify like /root/ or /usr/ etc?
0
 
zzynxSoftware engineerCommented:
Oh, I mixed up servlets/applets
>> Zzynz, do the same restrictions apply to servlets as they do with applets?
Doubt it. (but don't know for sure)
0
 
OBCTAuthor Commented:
Thanks guys. :-)
0
 
zzynxSoftware engineerCommented:
thanks
0
All Courses

From novice to tech pro — start learning today.