read access to the ROOT/ parent dir in tomcat on Solaris

Question

I'm running tomcat7 on SunOS 5.10 and I'm developping a webapp under the webapp/ROOT/ directory. I'm trying, within the app, to see if the webapp/foo directory is there:

String invpath = application.getRealPath( "user" ) //I also use this for something else
String soapPath = invpath.substring( 0, invpath.indexOf( "ROOT/user" ) ) + "foo";
            out.print(soapPath);
            //test if SOAP is installed
            File soap = new File( soapPath );
            if( soap.exists() )   //this is the line he doesn't like much
            {//html code}

but tomcat throws me:

org.apache.jasper.JasperException: An exception occurred processing JSP page /content/home.jsp at line 83

java.security.AccessControlException: access denied ("java.io.FilePermission" "/path/to/tomcat/webapps/foo" "read")

And the absolute path to the directory is the good one.

I do have read permissions for everyone on this directory, and when I run this code on a debian machine it works fine... I barely know Solaris/SunOS (but I do know linux rather well), so my mistake might be very stupid!

Answer 1

So it appears that tomcat was launched with the -security parameter which basically prevents access to almost eveything unless mentionned in the Security Manager configuration file (conf/catalina.policy)... Documentation here: http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html