Our web app may be deployed to a Tomcat version 6 or higher, hence Java version 5 or higher. It may be deployed to a Tomcat running on a Windows-derivative OS or Unix-derivative OS.
We have a requirement that can be stated as follows, * The web app needs to be able to read from and write to a directory that is external to the webapp's own docBase and directory structure. * The write access needs to be unrestricted in that the web app will need to create, modify and delete files and directories within the directory (but not be able to delete the directory itself). * The directory needs to be a member of the webapp's classpath. * The directory contents must not be accessible via any url that can be directed at the webapp. (The external directory cannot be considered to be owned by the webapp. Other applications (not web applicaitons) own (in the logical sense) the directory. These applications write information to and read information from this directory. I need my web app to be a consumer and publisher of informoration in this directory without exposing any directory contents via a url). We're developing on Windows 7. In the development environment, we're simply placing the path to the external directory in the webapp's classpath in the web app's Tomcat context file. We're running Tomcat without the -security option and all works well. With the -security option, as expected, the webapp no longer has the permissions needed to read and write against the external directory with File operations. What do we need to do to configure Tomcat (running with the -security option) to allow us the access we're after to the external directory? Cheers, Baron
