...
a. $FEDORA_HOME/tomcat/logs/catalina.out should contain no errors.
b. View your Fedora instance through a web browser: http://localhost:8080/fedora/ or http://[yourdomain]:8443/fedora
Set XACML Policies
10. Install required polices, remove some restrictive policies.
First stop Stop your Fedora instance by running:$FEDORA_HOME/tomcat/bin/shutdown.sh
Remove they deny-purge policies.
rm
mv /usr/local/fedora/data/fedora-xacml-policies/repository-policies/default/deny-purge-* ~/
Create a folder for islandora specific policies.
cd /usr/local/fedora
Navigate to $FEDORA_HOME/data/fedora-xacml-policies/repository-policies/default and create a file with the following xml -
...
...
mkdir islandora
Then copy all the policies included with islandora into the newly created "islandora" folder located here "/usr/local/fedora/data/fedora-xacml-policies/repository-policies/".
These policies will be located in the policies folder of the islandora module, here. There should be at least these 4 policies:
permit-apim-to-authenticated
...
-user.xml
permit-getDatastream-unrestricted.xml
permit-getDatastreamHistory-unrestricted.xml
permit-upload-to-authenticated-user.xml
Save as permit-apim-to-authenticated.xml.
11. Navigate to $FEDORA_HOME/data/fedora-xacml-policies/repository-policies/default/deny-apim-if-not-localhost.xml
Go to where you see <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">127.0.0.1</AttributeValue>
insert additional entries below for IPs that need to access fedora admin example your own machine or other admins. Also might want to add the systems actual IP Example:
...