...
Configure your repo.xml file
Add the beans authenticationProvider and pep to your repo.xml file, and make the modeshapeRepofactory bean dependent on authenticationProvider. Use the class org.fcrepo.auth.ServletContainerAuthenticationProvider as your authentication provider. Here is an example repo.xml that configures authentication and authorization using the Basic Roles PEP:
Code Block language xml title repo.xml with authentication configured <bean name="modeshapeRepofactory" class="org.fcrepo.kernel.spring.ModeShapeRepositoryFactoryBean" p:repositoryConfiguration="${fcrepo.modeshape.configuration:classpath:/config/rest-sessions/repository.json}" depends-on="authenticationProvider"/> <bean name="pep" class="org.fcrepo.auth.roles.basic.BasicRolesPEP"/> <bean name="authenticationProvider" class="org.fcrepo.auth.commonscommon.ServletContainerAuthenticationProvider"> <property name="pep" ref="pep"/> </bean>
Configure your repository.json file
Modify the security section to enable both authenticated (via authentication provider) and internal sessions between Fedora and ModeShape. It should match this block:
Code Block language ruby title repository.json security "security" : { "anonymous" : { "roles" : ["readonly","readwrite","admin"], "useOnFailedLogin" : false }, "providers" : [ { "classname" : "org.fcrepo.auth.commonscommon.ServletContainerAuthenticationProvider" } ] },
Configure your web application container
...