Tomcat is a
web server, not a
file server. Tomcat cannot upload files, nor can remote users access the filesystem of the Tomcat server (which would be a major security problem).
Instead, the HTTP/HTML protocols support something called multipart MIME* format, which allows different data items to be combined into a single HTTP text request, sent to the server.
In other words, you don't "upload", your client opens the file on your local system, packs it into an HTTP POST in MIME format, and sends the POST to the server, where the server-side code unpacks and decodes the request. The "file" isn't loaded, but what comes in is a copy of the data that was in the file.
Along with the data that comes in is also meta-data, including the "filename". In some versions of Internet Explorer (and possibily some non-Microsoft web browsers), this was the full client-side filesystem path. This is actually a security risk, since it tells the server things it shouldn't know about the organization of the client's computer. Most clients set the value of "filename" to the simple filename (including extensions, if present), without the directory path.
The population of the "filename" is entirely the work of the client, so Tomcat has no control over it.
Finally, the data that is uploaded to Tomcat may or
may not be actually stored in a file on the Tomcat server.
JEE doesn't require a particular media or location for uploaded "files", just that the API that accesses the file data should be able to retrieve a copy of that data. The data that was uploaded may be in an anonymous temporary file, it might simply be kept in RAM, if it's small enough, or for that matter it could theoretically be kept in a database or other storage media
---
* Originally designed for Multimedia Internet Mail Extensions, which is why it's called MIME.