If the folder is on the client's machine then, no, you can't do this without some kind of privileged client side app running.
Applets operate in a similar sandbox.
In order for them to access the client's file system, the client would either need to alter their security policy to grant your application this access or, you would need to sign your applet with a certificate from a trusted Certificate Authority (CA) such as Verisign or Thawte. Even then, the user will have to authorize this action by clicking on a popup window that lets them know what the applet is going to do.
I imagine Flash has the same restrictions.
Think of what a malicious site could get from your machine if this wasn't the case.