Validate the result of concatenation with getRealPath("*/")

This rule flags Java code that has references to the following methods and parameters:

• javax.servlet.http.HttpServletRequest.getRealPath("*/")
• javax.servlet.ServletContext.getRealPath("*/")
• javax.servlet.ServletRequest.getRealPath("*/")

In WebLogic, these method calls will return a String that does not end with a forward slash. In Liberty and traditional WebSphere, the return value will end with a forward slash. As a result, String concatenation with this method may point to a valid file in WebLogic, but not in WebSphere. For each method call flagged, check that any code using the result accounts for the addition of a trailing slash in WebSphere.

For example, assume that you have installed an exploded war to /path/app.war. Then calling getRealPath("/WEB-INF/") has the following results:

• WebLogic: /path/app.war/WEB-INF
• WebSphere: /path/app.war/WEB-INF/