...
The permissions granted to these roles are fixed. This authorization delegate makes decisions in Java code, rather Rather than consulting any kind of declarative policy, this authorization delegate has hard-coded role-permission assignments in the source code.
Role/Permission Matrix
metadata reader | reader | writer | admin | |
---|---|---|---|---|
read properties | X | X | X | X |
read content | X | X | X | |
write | X | X | ||
write roles | X |
...
<bean name="modeshapeRepofactory" class="org.fcrepo.kernel.spring.ModeShapeRepositoryFactoryBean" <bean name="fad" class="org.fcrepo.auth.roles.basic.BasicRolesAuthorizationDelegate"/> <bean name="authenticationProvider" class="org.fcrepo.auth.common.ServletContainerAuthenticationProvider"> <property name="fad" ref="fad"/> |
---|
Edit your repository.json file to enable an authenticated internal session between Fedora and ModeShape, such so that the security section matches the example shown:
...