stackoom
  简体   繁体   中英

access denied (“java.io.FilePermission” “[file path]” “delete”)

 原文  2016-08-10 09:40:25       java/ tomcat

Question

I'm facing a problem when trying to delete files I uploaded to my local Tomcat 7 server.

Here's my upload, delete and checkDelete methods :

PS : UploadedFile class is from Primefaces framework 

private static final String destination=System.getProperty("user.dir")+"\\GED\\documents\\";

public static boolean uploadToServer(UploadedFile file) {

    boolean done = false;
    try {

        byte[] bytes;

        bytes = file.getContents();
        String filename = FilenameUtils.getName(file.getFileName());
        File dossier = new File(destination);
        dossier.setExecutable(true,true);
        dossier.setReadable(true,true);
        dossier.setWritable(true,true);

        if(!dossier.exists())
            dossier.mkdirs();

        if(dossier.exists())
        {
            BufferedOutputStream stream = new BufferedOutputStream(new FileOutputStream(new File(destination+filename)));
            stream.write(bytes);
            stream.close();

            done = true;
        }
    } catch (IOException e) {
        e.printStackTrace();
    }
    return done;
}

public static boolean deleteFromServer(String fileName) {

    boolean done = false;

    File f = new File(destination+fileName);

        if(f.exists() && f.isFile())
        {
            try {
                done = f.delete();

            } catch (SecurityException e) {
                e.printStackTrace();
            }
        }
    return done;
}

public static boolean checkDelete(String fileName)
{
    SecurityManager manager = new SecurityManager();
    try{
        manager.checkDelete(destination+fileName);
    }
    catch(SecurityException e){
        e.printStackTrace();
        return false;
    }
    return true;
}

before calling my deleteFromServer method, I call the checkDelete method to check if I have the permissions before performing the delete, and I get the following exception message : 

java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\apache-tomcat-7.0.68\bin\GED\documents\file.txt" "delete")

I read about modifying the catalina.policy file, but I really couldn't grasp how to do it, and I want a solution which will not cause any security issues in my server.

PS : My application is a JSF web application

EDIT : the full stack trace : 

java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\apache-tomcat-7.0.68\bin\GED\documents\pic.jpg" "delete")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkDelete(SecurityManager.java:1007)
at Util.FileManaging.checkDelete(FileManaging.java:71)
at ServiceImpl.DocumentServiceImpl.delete(DocumentServiceImpl.java:206)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)
at com.sun.proxy.$Proxy177.delete(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.el.parser.AstValue.invoke(AstValue.java:279)
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:273)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at javax.faces.component.UICommand.broadcast(UICommand.java:315)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:78)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at Util.AuthorizationFilter.doFilter(AuthorizationFilter.java:35)
at org.omnifaces.filter.HttpFilter.doFilter(HttpFilter.java:108)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2517)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2506)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

EDIT, here's the FilePermission I'm using : 

java.io.FilePermission "C:/apache-tomcat-7.0.68/bin/GED/documents/-", "delete";

1 answers

solution1
 0 ACCPTED  2016-08-11 09:39:25

So, I changed my checkDelete method's code to the following : 

public static boolean checkDelete(String fileName)
{
    SecurityManager manager = System.getSecurityManager(); //instead of new SecurityManager();
    try{
        if (manager != null)
            manager.checkDelete(destination+fileName);
    }
    catch(SecurityException e){
        e.printStackTrace();
        return false;
    }
    return true;
}

java Doc : https://docs.oracle.com/javase/7/docs/api/java/lang/SecurityManager.html

This method returns true, and my hosted files are deleted from the server without having to modify any catalina file.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question access denied (“java.io.FilePermission” “execute”) java.io.FilePermission - access denied access denied (“java.io.FilePermission”) java.security.AccessControlException:access denied(“java.io.FilePermission” “File path” “write” ) Signed Java Applet access denied java.io.FilePermission read Java RMI Tutorial - AccessControlException: access denied (java.io.FilePermission java.security.AccessControlException: Access denied (java.io.FilePermission Facebook API: access denied (java.io.FilePermission read) access denied (“java.io.FilePermission” “<filename>” “read”) Java.security.Access.ControlException: access denied(“java.io.FilePermission” “[object file]” “read”)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM