How does Tomcat interact with filesystem file permissions

Brian J. Sayatovic Wed, 23 Mar 2005 17:38:39 -0800

I'm curious to know how Tomcat interacts with file permissions in the native filesystem. For example, I'm running Tomcat 5.5 on Windows XP SP2 as a service under the Local System account. I'm also using Tagisj JAAS as a JAAS Realm so Tomcat can use my XP credentials.

I have my default context set to a directory with some static HTML content. I also have folders in that directory that have reestricted permissions to certain groups I have defined in XP. However, just hitting my website as an anonymous user, Tomcat willingly lets people into those folders. Instead, I've had to put security constraints in my web.xml listing the groups that I wanted the folders restricted to.

So is all file access from the DefaultServlet performed as the Local System account?

Regards,
Brian.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

How does Tomcat interact with filesystem file permissions

Reply via email to