Disabling authentication and authorization means that anyone can make unauthenticated requests to Fedora and they will be allowed. For instructions on only disabling only authorization, see Bypass Authorization.
Authentication is baked into the
web.xml. In order disable it, you must either edit the
web.xml to look like this example, or instruct your container to load an alternate
web.xml. The following describes how to load an alternate
web.xml in Tomcat and Jetty.
Add an entry to your
$CATALINA_HOME/conf/server.xml that instructs the webapp to load a different
web.xml. Assuming Fedora is deployed as the fcrepo webapp, the entry should look like this:
Alternatively, you can add a context file to the
$CATALINA_HOME/conf/Catalina/localhost directory. The name of the file should be the webapp name plus
.xml. Assuming Fedora is deploy as the fcrepo webapp, then file would be called
$CATALINA_HOME/conf/Catalina/localhost/fcrepo.xml and contain
- Save a copy of the no-auth-web.xml to
- Add an entry to your
webapp/fcrepo.xml, instructing Jetty to load a different web.xml: