All Versions
Fedora 3.8.0 (Current Release)
Fedora 3.7.x
Fedora 3.6.x
Fedora 3.5.x
More..
Old Release
This documentation covers an old version of Fedora. Looking for another version? See all documentation.
Question: I inadvertently chose SSL for API-M access when I installed Fedora, and now I want plain HTTP access to API-M functions without reinstalling Fedora. How can I reconfigure Fedora to allow non-SSL access to API-M?
Answer: In the installed webapp, the WEB-INF/web.xml
file has a <security-constraint>
block with a description of APIM. There's a <user-data-constraint>
block with a transport-guarantee value of CONFIDENTIAL. If you comment out or remove that <user-data-constraint>
block, Tomcat won't require SSL for those resources (API-M).
Instructions:
WEB-INF/web.xml
under the fedora
webapp directory in your webapp server (Tomcat, in most cases). Comment out the relevant <user-data-constraint>
block:
<security-constraint> <web-resource-collection> <web-resource-name>Fedora Repository Server</web-resource-name> <description>Fedora-generated security-constraint</description> <description>APIM</description> <url-pattern>/index.html</url-pattern> <url-pattern>/getDSAuthenticated</url-pattern> <url-pattern>/management/getNextPID</url-pattern> <url-pattern>/management/upload</url-pattern> <url-pattern>/services/management</url-pattern> <url-pattern>*.jws</url-pattern> </web-resource-collection> <!-- Commented out to disable SSL-only access to API-M functions --> <!-- <user-data-constraint> --> <!-- <transport-guarantee>CONFIDENTIAL</transport-guarantee> --> <!-- </user-data-constraint> --> </security-constraint>
Note that if you only change the web.xml
file under fedora/webapps
, your change will be lost the next time fedora.war
is redployed. To persist your changes across deployments, unpack the fedora.war
file, edit the WEB-INF/web.xml file as described above, repack the WAR and drop it back in place in your webapps
directory.