I've searching for this for a while now online (Google, and StackOverflow), but haven't yet come across this question. Maybe my query is not correct (please redirect then!)
I've developed and set up a WebApp on TomCat 6 under Linux. Tomcat isn't running in a virtual host environment yet, I have full control over server. Therefore, .war file is saved to Tomcat's standard deploy dir. The issue I have is with images: different web services provide differently-sized images which need to be presented in uniform sizes.
I download them and resize them without problems, but have to store a local copy of the image as this takes some time if done real-time, plus a lot of bandwidth waste. I don't save them under the .war's temp dir under Tomcat, due to case where a server shutdown would force me to reload all images.
I have created a different directory under /home/username/images, which I then serve under a different subdomain through regular Apache, and the HTML code generated in the .jsp is simply a correct URL to the file. Works great if the image doesn't exist. However, due to permission issues, the Tomcat instance cannot remove or overwrite files already created, even though I've marked the folder where images are stored with 777 permissions. As an aside, I don't see need to give it 777 perms, but with 755 (for example), I had permission issues even when trying to save a new file.
So: is there a better solution (I considered database, but the images dir is now 250mb, and I see no need to overload the db so much)?
Don't store the images in the database. Your /home/user/www.example.com/resources approach is in the correct direction, just sort out the privileges issue. Make sure the path is in a group where the user who runs tomcat (tomcat?) belongs in and reduce the 777 because it's too broad.
It is a little unclear as to whether tomcat and another user are writing, or only tomcat.
If it is only tomcat, the directory in question should be owned by tomcat, and the permissions can be either 750 (setting the group to match apache's group) or 755 (the group doesn't matter, anyone on the machine can read the files).
Note that if some other user is writing files, you have to be trickier. In that case, you need 775, user tomcat, group tomcat, and put the additional user(s) in the tomcat group. If those users are in multiple groups, you can use the group sticky bit on the directory to force the group to remain tomcat. In this case, anyone on the machine can read those files.
The documentation for chown and chmod should be of great help.
(Yes, I do realize that this question is very old, but the same principles apply, and no one seemed to give a clear answer).
What specifically is happening with the permissions? Tomcat will be running as some userid (say tomcat1) and will be creating files presumably owned by the same user (tomcat1). If your files are being created with a different owner, then that will explain why you can't overwrite existing downloads and you'll need to work out why the ownership is differen. If it's not ownership, then are the files being created without write permission to the user. In this case, consider explicitly setting the permissions on each file saved to allow the owner to write to it, or change the umask of the user account.
Related
I have a JAVA application that needs to store profile pictures that user uploaded.
My project already finish and works fine.
//in my LOCALHOST i use this path:
File file = new File("C:/myProject/uploads/profile_images");
So, now I want deploy this project, i'm using jelastic environment and the question is:
Where should these files (pictures) be stored in our Jelastic ?
I already tried in the same code but doens't work.
I already tried save the files in WebContent folder, work, but when I expand a new .war file, the files that user has uploaded are overrides.
I read about save files in mySql, is a good idea?
Thank for your atention.
Local filesystem is persistent, but make sure to define in 'volumes' if your node has it to ensure files are kept during image redeploy. You can also use Jelastic storage node, but only worthwhile if you're using multiple application nodes.
See https://docs.jelastic.com/docker-volumes for details about how to use the volumes feature - if your node doesn't have this feature it is not based on Docker (not all node types were converted yet). In that case you can write to the filesystem without any risk of those files going missing (i.e. it will behave the same as a dedicated server or your local dev machine).
We have this JAVA webservice that runs on tomcat 9(installed by root).
The webservice creates a generic file log for our client. The problem is only the root user can read and access the file that is being generated.
My question is can I change the output file to be readable for all users by default? (without using chmod everytime the file is generated)
Should it be on code level or configure it on linux?
I have read about this https://docs.oracle.com/javase/tutorial/essential/io/file.html.
But one of our old redhat servers dont have a code level config on its webservice and its working fine.
Thanks
You should not be looking at this from a "java io" side of things.
This is a user permission problem. In other words: probably your tomcat servers shouldn't be running as root in the very first place.
Consider creating a special user that is used to run your tomcat instance. Here you can find guidance how you could do that for an Ubuntu system. And your favorite search engine will for sure know similar links for your favorite Linux distribution, too.
That might also be better from a security perspective: do you really want that people attacking your tomcat ... end up being root on your system if they succeed?!
Long story short: your problem is not some java code within tomcat that writes files; and then other users on your system being unable to access those files. Your problem is that your tomcat service is running as root! Fix the later; and your "initial" problem will be fixed, too.
Final word of warning though: I am not saying that it is easy to change the user setup for you. Maybe it is; but especially if your setup is using "root" for a long time, then there is a certain chance that other things you put in place rely on "being root". So, "not being root" is the right direction; but it might be a painful path to get there, from where you are now.
I have a .war file published on Apache Tomcat 7.0. The application accesses a folder and displays the filenames of the files inside. This is working perfectly when the folder is on the local machine. However when the folder in on the Network server (accessed through \\192.168.x.xx\foldername) then the application can't access it and displays "No files found").
We've tried searching for a possible solution but didn't find anything that seemed related to this specific issue. We also tried the usual solutions like granting access (sharing), running the application as Administrator, even checking Tomcat users settings but nothing worked. So my question is, what do we need to do to allow the application to access that network folder. I also should mention that when the application is running from Eclipse, it can access the folder without any problems. Thanks.
This has nothing to do with Tomcat. For one, \\host\share is the Windows-specific way to access a CIFS/SMB share from an Explorer window; it won't work on *nix where you have to mount the share to a directory. If you're willing to change the code in the war, take a look at Java open file on shared location or at JCIFS. Or if you map the share to a network drive, you can do z:\....
You can trick it out by modifying the service properties not to use Local System account and explicitly put the account that already has privilege. (even though you are already logged in using it)
I hope it helps.
I'm writing a Java application which requires a number of resource files (there will be about 100 files of 20-40K each). They are not edited by the user, but will require periodic updates (the application will have a function to check for changes to the resource files and download them). Ideally, the application should be cross-platform.
Allowing write access to a subdirectory of the program directory is generally frowned upon. If I was doing it as a Windows application I might put them in Application Data, but that's not going to fly cross-platform. What would be the best place to put them?
I would typically create a directory (name starting with a period ".") in user's home directory (System.getProperty("user.home") if I am not mistaken) and use that for application specific storage. Alternatively, you could take the directory name from user at the time of application installation.
Have a directory you use to keep these files in. Put that information in a properties configuration file. When you start up load the configuration file from your application install directory. From that properties file it tells you where to find your file directory. When your installer runs it can write out this configuration file for the platform you are installing on, and that can be OS specific.
Provide a configurable location, but default to a directory in the user's home directory, or in an OS-specific location.
You'll have to deal with this in a platform-specific way no matter what. You have a few options under OS X, though. For unix-like systems either a home directory, or perhaps something under /var.
That said, I don't believe a program managing its own data in its own directory is a bad thing; consider a program with an embedded database or similar. It's much more reliable to use an app home directory.
We have to make a Java application demo available on Internet using JWS. It goes pretty well; all that's missing is making working directory files available for the application.
We know about the getResource() way... The problem is that we have different plugins for the same application and each one require different files (and often different versions of the same files) in their working directory to work properly. So we just change the working directory when we want the application to have a different behavior.
Currently, the demo is packaged in a signed jar file and it loads correctly until it requires a file from the working directory. Obviously, the Internet users of this demo don't have the files ready. We need a way to make these files available to the WebStart application (read/write access) in its working directory.
We've thought of some things, like having the application download the files itself when it starts, or package them in the jar and extract them on startup.
Looking for advices and/or new ideas. I'll continue working on this... I'll update if I ever find something reliable.
Thank you very much!
I said I would share what I found in my research for something that would fit my needs. Here's what I have so far.
I have found that the concept of current working directory (CWD) does not really make sense in the context of a Java Web Start (JWS) application. This had for effect that I stopped trying to find the CWD of a JWS and started looking for other options.
I have found that (no, I didn't know that) you can refer (using getResource()) to a file in the root directory of a JAR file by simply adding a '/' in front of its name. ("/log4j.properties", for example.) The impact of this is that I can now take any file which is only referred to in a read-only manner in the root of that JAR file (which is really only a ZIP file). You can refer to any file in the root of the JAR file using AnyClass.class.getResourceAsStream. That rules out the problem with read-only files required to run the application, at the cost of a switch in the code telling whether the application is run from a valid CWD or from a JWS context. (You can very simply set a property in the JNLP file of the JWS application and check if that property is set or not to know where to look for the file.)
For write-only files (log files in my case), I used the property , adding a directory with the name of the application: <user.home>/.appname and added log files to it.
Read/write files (which I don't have in my case) would probably simply go at the same place than write-only files. The software could deal with uploading them somewhere if needed, once modified, I guess.
That's the way I deal with the problem for now.
Note there is a service you can explicitly ask for, to get file access to the computer (unless you go all the way and ask for full access (which requires signed jar files)).
Then you need to determine where these files need to go - basically you have no idea what is where and whether you may actually write anywhere. You can create tmp-files but those go away.
Would a file system abstraction talking to the JNLP-server do so you store the users data on the server?