I have Tomcat on Windows 10 with deployed app on it. It runs well except of when application tries to save file in filestore it throws an error.
Filestore is a folder on the disc path to which is defined in context.xml like this:
<Resource name="ххххх/FileStore"
type="org.ххххххх.filestore.FileStoreService"
factory="org.ххххххх.filestore.impl.LocalFileStoreFactory"
baseDir="/E:/files"
domain="ххххх"/>
Tomcat sees this path correctly and directory E:/files/xxxxx really exists. For testing purpose I have ran this app with Tomcat on Ubuntu and this process passed just fine. Also I emulated "Windows" error on Ubuntu by restricting the permission for Tomcat to write in filestore folder.
What i tried so far:
Gave all permission to write in the folder to everyone and to services (as I ran it like user or like a service) and to all other groups just in case.
Disable UAC, firewall, other "protective" soft, ran like administrator from GUI, command line, powershell.
Shared this folder in the network with permissions to write for everyone (password off). Tested it from another PC. Modified context.xml accordingly.
Is there another options that can help to solve this issue?
The problem was not in permissions. I forgot that Windows file system not allows to do several action with the file simultaneously, like in my case.
Related
I'm trying to unzip in a directory symlinked in my WebApp and get this error
java.io.FileNotFoundException: /var/lib/tomcat/webapps/MyApp/_Apps/xxxxx.txt (Permission denied)
_Apps is my symlink (owned by tomcat, 777) and refers to a directory owned by tomcat (755)
My tomcat version is 7
I've put allowLinking="true" in my app context tag (plus override="true").
Any idea of what is going wrong?
I see several issues here, some related to your question, some to best practice:
You shouldn't upload any files to your webapp at runtime: They'll get overwritten with the next deployment (and will be lost), plus you open yourself up to uploads like attack.jsp - containing code that might end up running server side, under the account that tomcat is running as
Really, you should write to a different directory
That will make your issue go away.
In order to temporarily check what causes the issue:
Validate which user tomcat is running as
Validate that this user account has write access to the directory - to be more confident: Validate this through the linked directory and through the underlying directory, natively without using the link. (You can sudo -u tomcat /bin/bash to manually try)
Check, which file system the directory is on (it might be mounted read-only)
Once you've finished validating (or even before that, reluctant that you can work on a higher priority - security relevant - issue): Go back to the beginning of the list and change your implementation. Upload to a different folder.
We have tomcat 7.0.55 in our unix server. We have deployed web applications manually inside webapps folder of tomcat instance. By default the clusterinfo.1200.properties and log4j logs are stored in .businessobjects folder under home directory of the user account in which tomcat runs.
While accessing the InfoView web application we get the below error,
"AccessControlException:"java.io.filePermission:Access Denied \home\<user account of tomcat>\.businessobjects\clusterinfo.properties"
Tomcat 7 has restriction to access the file outside the tomcat directory on the first logon. However on refreshing the page we are able to access the application.
I have tried the following steps.
stopped the tomcat instance
Moved .buisnessobjects from home directory to inside tomcat installed directory.
Created symlink as .businessobjects in home directory to point to the folder inside tomcat directory.
Started the tomcat instance.
It works. But I need to know where the configuration change has to be made in web application to place the clusterinfo property file and log4j file inside tomcat directory.
I am a novice in Java. Please let me know the file and its location to make this changes.
Desperately looking for a solution :-(
Did you try to grant more permissions on this file with chmod.
The exception explicitly says that its java.io.filePermission. So the problem is that jvm can't read your properties file because your OS prevents it from doing so based on the file permissions.
You can see file permissions with ls -l filepath.
I vaguely remember that you had to change owner of the accesed files in order for tomcat to work so chown tomcat7 \home\<user account of tomcat>\.businessobjects\clusterinfo.properties wouldn't hurt, but I don't remember if it was only applicable to deployed artifacts like *.war files or such.
I have a vendor application which is deployed in Tomcat 6 on a Windows 2008 server. This application is not working in that server but when I copied the Tomcat to another machine which runs Windows 7 it is working.
When I analysis the logs that ClassLoader.getResourceAsStream is returning null in the Windows 2008 server but not in the Windows 7 machine. I checked the windows file permission the tomcat webapp folder full control has given to the user wihr runs the tomcat server. What could be the reason for this.
PS: This is a vendor application so i don't have control over the code.
When I analysis the logs that ClassLoader.getResourceAsStream is returning null in the Windows 2008 server bot not in the Windows 7 machine.
That is the documented behaviour in the case when a named resource cannot be found.
I checked the windows file permission the tomcat webapp folder full control has given to the user which runs the tomcat server. What could be the reason for this.
This is a tricky one. Here are some things to check:
Is the path that you are using with "getResourceAsStream" correct?
Does the resource pathname contain non-ASCII (or special) characters than might cause Windows pathname lookup to behave strangely?
Has the webapp been successfully redeployed (i.e. has it been stopped and started) since you last changed the WAR file?
Have you configured Tomcat to not expand the WAR file? If so, then the problem could be that the resource is no longer in the WAR file ... despite appearing in the (previously expanded) webapp directory.
Is this a problem with "homoglyphs"; i.e. Unicode characters that are different but that look the same when you display them.
Is it possible that a virus checker (or similar) is locking or removing the file?
Hi as the subject reads
System.getenv("HOME")
in my action class (struts2) and deploy that as a war in
/var/lib/tomcat6/webapps/
When i run my class, getenv HOME returns
/var/lib/tomcat6
Can anyone tell me whats going on? I even tested it out on a standalone java class.Returns the proper value of home. Tried it on shell also echo $HOME and it gives a proper output.
Running on Ubuntu 10.04.
i THINK ive got what the problem is.. My project got deployed with permissions for "tomcat6 tomcat6" so when i getenv HOME, it gives me tomcat home. Am I right?
No.
The problem is that your tomcat6 service is configured to run as the "tomcat" user. (There is typically a variable in the init.d/tomcatd script that does this ...) THIS IS DONE FOR SECURITY REASONS. Don't change it unless you've done a proper risk assessment.
What you really need to do is change your web application so that it doesn't expect $HOME to be >>your<< home directory. Instead, create a webapp specific properties file that gives the location of this external (to tomcat) directory. Or better still (and best practice!) change your application so that it doesn't need to refer to an external directory at all.
I have a NetBeans RCP application that's currently working on Windows and I'm trying to make Linux compatible. The application creates folders and files and modify files as well.
It works fine on Windows without any modification but on Ubuntu it fails creating folders during start up. I know it's a permission issue.
What are my options?
Can the application itself assign the permissions it needs like by running a script using ProcessBuilder?
Thanks in advance!
It all depends on who you are when running the process on Ubuntu, and the path of the folders that you're trying to create. Does this user have permissions to create the folders in that directory? What sort of data are you writing out to disk? Can you use a platform neutral mechanism thats user oriented, like Java Preferences or perhaps:
System.getProperty("user.home")
-or-
System.getProperty("java.io.tmpdir")?
You either need to create required folders as part of a setup process or restrict your IO to folders you have access to (the users home and the temp folder). Notice that on Linux there are standard locations where many folders should be placed and that administrators will frown upon applications that do not follow these standards.
Can you tell what files/folders you need for what purpose?
Looks like the cause of the problem is the difference in path delimiter between Windows and Linux. On linux you should use normal slashes. The error mentions the path:
/home/javier\marauroa.trace.db
As the \ is not a path delimiter but the escape character it is trying to create a file in the folder /home where it does not have permissions.
The path should be:
/home/javier/marauroa.trace.db
You might want to consider putting your apps files in a subfolder called .yourappname so then it would become
/home/javier/.yourappname/marauroa.trace.db
This is what many unix applications do and hide it in normal file listings. To get the path seperator for the system your application is running on you can use the following static field:
java.io.File.seperator