Java-Glassfish-Web服务-本地文件访问
[英]Java - glassfish - web service - local file access
问题描述
I am running a webservice using glassfish server on Ubuntu. 
我在Ubuntu上使用glassfish服务器运行Web服务。 The problem is - it is required to access a directory outside of its shared resource. 问题是-需要访问其共享资源之外的目录。 Presently it is giving an error saying "Permission Denied". 目前,它给出了一个错误,提示“权限被拒绝”。 I set a permission into server.policy too. 我也对server.policy设置了权限。
grant codeBase "/home/glassfish/glassfish/test/-" {
permission java.security.AllPermission;
};
But it seems not working. 但似乎不起作用。 I tried <property name="alternatedocroot_1" value="from=*.* dir=/home/glassfish/glassfish/test"/> , but it seems it is giving only reading permission. 我试过<property name="alternatedocroot_1" value="from=*.* dir=/home/glassfish/glassfish/test"/> ,但似乎只提供阅读权限。 I need write permission also. 我还需要写许可。 So my question is how can I set the write permission ? 所以我的问题是如何设置写权限?
Thanks. 谢谢。
1 个解决方案
解决方案1
0 2012-04-20 01:25:16
This is not a JavaSecurity problem so you shouldn't need to tweak anything in that regard. 这不是JavaSecurity问题,因此您不需要在这方面进行任何调整。
FWIW our web-apps deployed to GF on various flavors of Windows write to directories which are outside of the 'Application' directory using File APIs. FWIW我们的Web应用程序是在Windows的各种风格上部署到GF的,使用File API将其写入“应用程序”目录之外的目录。 alternatedocroot pertains to GF serving static content using the DefaultServlet not to writing outside of the Application deployment directory. Alternativedocroot适用于使用DefaultServlet提供静态内容的GF,而不是在Application部署目录之外进行写入。
On windows when you run as Service you have to be careful that the 'Run As' user has proper permissions to write to the target directory, on Unix you need to make sure the user set by your rc (init.d) scripts that runs asadmin.sh has permissions to read/write to the target directory. 在Windows上以Service身份运行时,必须注意“运行方式”用户具有写入目标目录的适当权限,在Unix上,您需要确保由运行的rc(init.d)脚本设置的用户asadmin.sh有权读取/写入目标目录。
I would double check the the user that the java process GF is running under has rwx permissions on the directory your are trying to write to. 我会仔细检查运行GF的Java进程的用户对您要写入的目录具有rwx权限。 Make sure that user can write to the target folder. 确保用户可以写入目标文件夹。 To test this you can su to the user and use the 'touch' command like so: touch /tmp/test and verify write permissions that way. 要对此进行测试,您可以向用户求助,并使用'touch'命令,如下所示:触摸/ tmp / test并以此方式验证写入权限。 Verify read permissions similarly by running 'ls -l /tmp/test' to make sure you can read it. 通过运行'ls -l / tmp / test'以类似方式验证读取权限,以确保您可以读取它。
See what 'ps -ef | 看看什么'ps -ef | grep java' shows to verify the user running the GF java process. grep java'显示验证运行GF java进程的用户。 Additionally in your code try specifying a full path to the test file, eg. 另外,在您的代码中,尝试指定测试文件的完整路径,例如。 File test = new File("/tmp/test"); 文件测试=新文件(“ / tmp / test”);
Are you running GF from an rc script or are you starting it using asadmin.sh from a shell prompt? 您是从rc脚本运行GF,还是从shell提示符下使用asadmin.sh启动GF? If you are running an rc script check that your rc script is really running it as the user you expect it to be. 如果您正在运行rc脚本,请检查rc脚本是否确实以您期望的用户身份运行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.