I'm running tomcat7 on SunOS 5.10 and I'm developping a webapp under the webapp/ROOT/ directory. I'm trying, within the app, to see if the webapp/foo directory is there:
String invpath = application.getRealPath( "user" ) //I also use this for something else
String soapPath = invpath.substring( 0, invpath.indexOf( "ROOT/user" ) ) + "foo";
out.print(soapPath);
//test if SOAP is installed
File soap = new File( soapPath );
if( soap.exists() ) //this is the line he doesn't like much
{//html code}
but tomcat throws me:
org.apache.jasper.JasperException: An exception occurred processing JSP page /content/home.jsp at line 83
java.security.AccessControlException: access denied ("java.io.FilePermission" "/path/to/tomcat/webapps/foo" "read")
And the absolute path to the directory is the good one.
I do have read permissions for everyone on this directory, and when I run this code on a debian machine it works fine... I barely know Solaris/SunOS (but I do know linux rather well), so my mistake might be very stupid!
So it appears that tomcat was launched with the -security parameter which basically prevents access to almost eveything unless mentionned in the Security Manager configuration file (conf/catalina.policy)...
Documentation here: http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html