...
Extension Point: AuthenticationProvider The AuthenticationProvider is a ModeShape interface that allows implementations to authenticate JCR sessions on the basis of custom credentials. Implementations may create a custom security context here that implements highly granular JCR authorization. See https://docs.jboss.org/author/display/MODE/Custom+authentication+providers |
|---|
Reference Implementation: ServletAuthenticationProvider Fedora ships with a AuthenticationProvider that checks for proper Fedora user roles before session creation. It creates a security context the implements the Fedora user-based authorization endpoint. |
|---|
Reference Implementation: OAuthAuthenticationProvider Fedora ships with an authentication provider that verifies OAuth token credentials and creates a special OAuth security context for new sessions that implements OAuth-based authorization. |
|---|
Authorization (DRAFT)
Fedora 4 will intercept JCR operations in order to enforce policies that are based on the Fedora object model and other node characteristics. While a single Fedora API call may span several JCR operations, these will be joined by a JCR transaction and may all fail together due to a permission check.
...