Hmmm...
I did some reviews of CVS for the code which sets the context dir
FilePermission. I had made a cut n paste mistake when changing code related
to this which would have prevented the context dir FilePermission
from being created. This bug only existed for 6 hours in CVS before
I fixed it. This also the same day that the Tomcat 4.1.12
version was tagged in CVS. 4.1.12 may have been released with this bug.
Please try Tomcat 4.1.13 and see if the problem still exists.
Regards,
Glenn
Aditya wrote:
Glenn,
On Fri, Oct 25, 2002 at 08:40:28AM -0500, Glenn Nielsen wrote:
I suspect that for some reason the Context does not have a context
directory. Add
FWIW, I'm not running the context from a WAR file -- it's just the examples
context that comes with the default install.
String docBase = context.getRealPath("/"); to your test jsp and see if it
returns null.
could you fully qualify the "context" Class -- if it's the same as:
pageContext.getServletContext().getRealPath("/");
then docBase returns /usr/local/tomcat/webapps/examples/ correctly. ie. if I
have just the following in the JSP:
String fullPath = pageContext.getServletContext().getRealPath("/test2.new");
out.println("<br>fullPath: " + fullPath);
String docBase = pageContext.getServletContext().getRealPath("/");
out.println("<br>docBase: " + docBase);
I correctly get:
fullPath: /usr/local/tomcat/webapps/examples/test2.new
docBase: /usr/local/tomcat/webapps/examples/
however when I add:
java.io.File foo = new java.io.File(fullPath);
if (foo.exists())
out.println("Exists: " + fullPath);
else {
out.println("does not exist");
}
to the JSP I get the old:
java.io.FilePermission /usr/local/tomcat/webapps/examples/test2.new read
the debug output is appended below (let me know if you want more) -- I set all
the debug flats in server.xml to 9.
Also try setting the debug attributes in your server.xml to 9 and capture
the debug output.
from localhost_examples_log:
2002-10-25 14:25:19 Authenticator[/examples]: Security checking request GET
/examples/jsp/test.jsp
2002-10-25 14:25:19 Authenticator[/examples]: Checking constraint
'SecurityConstraint[Protected Area]' against GET /jsp/test.jsp --> false
2002-10-25 14:25:19 Authenticator[/examples]: No applicable constraint
located
2002-10-25 14:25:19 Authenticator[/examples]: Not subject to any constraint
2002-10-25 14:25:19 StandardContext[/examples]: Mapping
contextPath='/examples' with requestURI='/examples/jsp/test.jsp' and
relativeURI='/jsp/test.jsp'
2002-10-25 14:25:19 StandardContext[/examples]: Trying exact match
2002-10-25 14:25:19 StandardContext[/examples]: Trying prefix match
2002-10-25 14:25:19 StandardContext[/examples]: Trying extension match
2002-10-25 14:25:19 StandardContext[/examples]: Mapped to servlet 'jsp' with
servlet path '/jsp/test.jsp' and path info 'null' and update=true
2002-10-25 14:25:27 StandardWrapperValve[jsp]: Servlet.service() for servlet
jsp threw exception
org.apache.jasper.JasperException: access denied (java.io.FilePermission
/usr/local/tomcat/webapps/examples/test2.new read)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:248)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:98)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:471)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:256)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:361)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:563)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:535)
at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:638)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:533)
at java.lang.Thread.run(Thread.java:536)
----- Root Cause -----
java.security.AccessControlException: access denied (java.io.FilePermission
/usr/local/tomcat/webapps/examples/test2.new read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at java.lang.SecurityManager.checkRead(SecurityManager.java:887)
at java.io.File.exists(File.java:677)
at org.apache.jsp.test_jsp._jspService(test_jsp.java:64)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:204)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:98)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:471)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:256)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:361)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:563)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:535)
at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:638)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:533)
at java.lang.Thread.run(Thread.java:536)
and catalina.out:
access: access allowed (java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.lang.RuntimePermission
defineClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.io.FilePermission
/usr/local/tomcat/webapps/examples/WEB-INF/classes/o
rg/apache/jasper/runtime/HttpJspBase.class read)
access: access allowed (java.io.FilePermission
/usr/local/tomcat/webapps/examples/WEB-INF/classes/o
rg/apache/jasper/runtime/HttpJspBase.class read)
access: access allowed (java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime)
access: access allowed (java.lang.reflect.ReflectPermission
suppressAccessChecks)
access: access denied (java.io.FilePermission
/usr/local/tomcat/webapps/examples/test2.new read)
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1071)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:259)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at java.lang.SecurityManager.checkRead(SecurityManager.java:887)
at java.io.File.exists(File.java:677)
at org.apache.jsp.test_jsp._jspService(test_jsp.java:64)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:204)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.
java:247)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:9
8)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172
)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:643)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:471)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:643)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:641)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:641)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(Standa
rdPipeline.java:643)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:256)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:361)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:563)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:535)
at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:638)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:533)
at java.lang.Thread.run(Thread.java:536)
access: access allowed (java.util.PropertyPermission java.security.debug read)
access: domain that failed ProtectionDomain
(file:/usr/local/tomcat/webapps/examples/ <no certific
ates>)
null
<no principals>
java.security.Permissions@425743 (
(java.io.FilePermission
/usr/local/tomcat/work/Standalone/localhost/examples/- read)
(java.util.PropertyPermission java.specification.vendor read)
(java.util.PropertyPermission java.vm.specification.vendor read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission os.name read)
(java.util.PropertyPermission jaxp.debug read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission javax.sql.* read)
(java.util.PropertyPermission java.naming.* read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission line.separator read)
(java.util.PropertyPermission java.home read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission os.arch read)
(java.lang.RuntimePermission accessClassInPackage.sun.beans.*)
(java.lang.RuntimePermission accessClassInPackage.sun.beans)
(java.lang.RuntimePermission getAttribute)
(java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.util.*)
(java.lang.RuntimePermission accessClassInPackage.org.apache.jasper.runtime)
(java.lang.RuntimePermission
accessClassInPackage.org.apache.jasper.runtime.*)
(java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.util)
)
Thanks,
Adi
--
To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
--
To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
