...
The superuserrole is fedoraAdmin. This is comparable to the fedoraAdmin superuser role in Fedora 3, used for Fedora 3 API-M operations.
Table of Contents |
---|
Configure your repo.xml file
Add the beans authenticationProvider and pep to your repo.xml file, and make the modeshapeRepofactory bean dependent on authenticationProvider. Use the class org.fcrepo.auth.ServletContainerAuthenticationProvider as your authentication provider. Here is an example repo.xml that configures authentication and authorization using the Basic Roles PEP:
Code Block language xml title repo.xml with authentication configured <bean name="modeshapeRepofactory" class="org.fcrepo.kernel.spring.ModeShapeRepositoryFactoryBean" p:repositoryConfiguration="${fcrepo.modeshape.configuration:classpath:/config/rest-sessions/repository.json}" depends-on="authenticationProvider"/> <bean name="pep" class="org.fcrepo.auth.roles.basic.BasicRolesPEP"/> <bean name="authenticationProvider" class="org.fcrepo.auth.ServletContainerAuthenticationProvider"> <property name="pep" ref="pep"/> </bean>
Configure your repository.json file
Add or modify the security section to enable an authenticated internal session between Fedora and ModeShape. It should match this block:
Code Block language ruby title repository.json security "security" : { "anonymous" : { "roles" : ["readonly","readwrite","admin"], "useOnFailedLogin" : false }, "providers" : [ { "classname" : "org.fcrepo.auth.ServletContainerAuthenticationProvider" } ] },
Configure your web application container
...