...
All ModeShape operations are enforced by the PEP, with the exception of the login action. Since Fedora's ModeShape login is routine, often anonymous and container-driven, the particulars are handled for you. Login is always permitted to REST clients, if you employ a PEP.
Caching
Step-by-step:
- Open the repo.xml file in your Fedora web application.
- Add your PEP implementation as a bean in this file and give it the id of "pep".
- Now add the Fedora ModeShape Authorization Provider bean. (see repo.xml example)
- Make sure that your modeshapeRepofactory bean has the depends-on attribute pointing at the authenticationProvider (see repo.xml example).
- Open your repository.json file.
- Add org.fcrepo.auth.ServletContainerAuthenticationProvider as a provider in the security section. (see repository.json example)
...