Versions Compared

Old Version 18

changes.mady.by.user David Wilcox

Saved on

compared with

New Version 19

changes.mady.by.user Osman Din

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The permissions granted to these roles are fixed. This authorization delegate makes decisions in Java code, rather Rather than consulting any kind of declarative policy, this authorization delegate has hard-coded role-permission assignments in the source code.

Role/Permission Matrix

 metadata readerreaderwriteradmin
read propertiesXXXX
read content XXX
write  XX
write roles   X

...

<bean name="modeshapeRepofactory" class="org.fcrepo.kernel.spring.ModeShapeRepositoryFactoryBean"
  depends-on="authenticationProvider">
    <property name="repositoryConfiguration" value="${fcrepo.modeshape.configuration:repository.json}" />
</bean>
<bean name="fad" class="org.fcrepo.auth.roles.basic.BasicRolesAuthorizationDelegate"/>
<bean name="authenticationProvider" class="org.fcrepo.auth.common.ServletContainerAuthenticationProvider">
          <property name="fad" ref="fad"/>
</bean>

Edit your repository.json file to enable an authenticated internal session between Fedora and ModeShape, such so that the security section matches the example shown:

...