...
| Info | ||
|---|---|---|
| ||
The XACML PEP forwards authorization requests to a XACML policy decision point. It is aware of access roles and may also make determinations on the basis of a wide range of Fedora object and datastream properties. Policy sets may be customized for different part of the repository tree. For detail please see the XACML PEP. |
Authorization for
...
Non-Node REST API
...
These endpoints in the REST API will require the fedoraAdmin container role or the fedora administrator OAuth token scope:
| path | method | authorization |
|---|---|---|
| /rest/fcr:sitemap | any request, results are filtered | |
| /rest/fcr:search | any request, results are filtered | |
| /rest/fcr:namespaces | GET | any request |
| /rest/fcr:namespaces | POST | fedoraAdmin* |
| /rest/fcr:workspaces | GET | fedoraAdmin* |
/rest/fcr:tx | POST | any authenticated request |
| /rest/{txid}/fcr:tx/ | GET | TX must in in your servlet session |
| /rest/{tx:id}/fcr:tx/* | any | TX must be in your servlet session |
* or OAuth token with equivalent scopeTBD
Code Repository
The Fedora AuthN/AuthZ modules are in development here:
...