Fedora 4 uses servlet container authentication (Realms) to provide minimal protection for your repository with a master , including the set up of "superuser" user and passwordaccounts. The superuser User credentials are configured in your web application container's properties file; once configured, , usually in a properties file or XML file. By configuring superuser accounts you can require authentication for all management (write) operations will require authentication. This document describes how to set up Fedora and either Tomcat or Jetty to enable HTTP Basic Authentication, using simple file-based usersuser files. Consult your web application server documentation for other ways to configure and manage users; Fedora can handle any user principal passed to it by the servlet container, as provisioned by any of the container's supported authentication mechanisms.
...