Fedora will accept unauthenticated requests and apply authorizations with the acl:agentClass of foaf:Agent (per the "Public Access (All Agents)" section of the SOLID WebAC spec). However, since authentication is presumed to be external to Fedora, the exact way you configure your repository to allow these requests will be dependent on the other features of your deployment (e.g., your application server, reverse proxy, etc.).
| Info | ||
|---|---|---|
| ||
That being said, the Shiro architecture brings the possibility of bringing Shiro's authentication realms into Fedora's configuration. Long-term, this opens the door to allowing Fedora to control the presence or absence of authentication for individual resources. |