Time/Place
This meeting is a hybrid teleconference and IRC chat. Anyone is welcome to join...here's the info:
- Time: 11:00am Eastern Daylight Time US (UTC-4)
- Dial-in Number: (712) 775-7035
- Participant Code: 479307#
- International numbers: Conference Call Information
- Web Access: https://www.freeconferencecallhd.com/wp-content/themes/responsive/flashphone/flash-phone.php
- IRC:
- Join the #fcrepo chat room via Freenode Web IRC (enter a unique nick)
- Or point your IRC client to #fcrepo on irc.freenode.net
Attendees
- Danny Bernstein
- Aaron Birkland
- Jared Whiklo
- Peter Eichman
- Joshua Westgard
- Yinlin Chen
- Ben Pennell
- Andrew Woods
- Mohamed Mohideen Abdul Rasheed
- Carrick Rogers
- David Wilcox
- Longshou Situ
- Justin Merz
Agenda
Update from "Alignment to Spec" sprint
- Mechanism for disabling versioning? Is there an alternative to DELETE on the LDPCv?
- WebAC is enabled by default, are there thoughts on deploy-time configuration to disable WebAC?
- Example credentials... Strings or URIs?
- Jetty NamespaceHandler error
- Oxford Common Filesystem Layout
Tickets In-Review
- Questions from DCFUG meeting about the URIs that Fedora exposes
Ticket Summaries
Please squash a bug!
Tickets resolved this week:
Tickets created this week:
Minutes
- API spec alignment sprint updates/questions
- Disabling versioning:
- spec specifies how to turn on versioning, but not clear how to disable versioning
- one approach is to DELETE timemap (LDPCv)
- deletes all Mementos; could be overkill if you want to retain prior versions
- use cases?
- migration from versioned to unversioned repo
- more important for server-managed versioning
- less important for client-controlled versioning like we are doing it now
- suggestions
- disable write to the LDPCv via ACLs
- original resource should still be marked as versionable using the link header, just that new versions cannot be created
- versionable = has timemap
- auto-versioning:
- should the server act as a proxy for the user?
- or should it always create versions?
- create a user to represent the server?
- is the server always a superuser? (as in the current implementation)
- not yet specified in the spec
- how does a client tell if a resource is presently versionable?
- not possible without trying to create a version
- if versions are server-managed, then the time-map is read-only?
- or writes are restricted to the server user
- creating a server user is the most transparent option for the ACL approach
- WebAC enabled by default
- WAR file: yes
- mvn jetty:run: yes
- one-click JAR: NO (to retain its one-clickablity)
- there is interest in having a switch to disable WebAC at deploy-time for WAR file
- web.xml defining AuthN policy makes this tricky
- UMD created additional AuthnNZ config to allow mixed authenticated and unauthenticated access
- Tomcat-specific (valves and shared-session login realm)
- AuthN can happen in all sorts of ways, not just servlet-container-specific
- seems possible to configure read-only access in web.xml
- should be able to enable WebAC with a default "anonymous" user
- can we remove the authN requirement from web.xml?
- rely on Apache or other front-end authn that provides principals to Fedora
- would need some way to (opt-in) specify a default "anonymus" user
- Example credentials: URIs vs strings:
- WebAC requires agents to be URIs
- therefore, example credential usernames should be URIs
- but there are practical concerns, mostly due to colons (disallowed by HTTP Basic Auth)
- decision: punt on this (keep example usernames as strings)
- Disabling versioning:
Actions
- Bring the proposal to disable versioning using a read-only LDPCv to the Fedora spec editors
- Document UMD's custom authNZ Tomcat configuration (Peter Eichman)