Stuart, This is great info. I tried doing the servicedocument request which works fine in the browser, but got this error. It seems like something is not setup?
[dsp...@pocarisweat config]$ curl -i http://blancoj.dev.deepblue.lib.umich.edu/sword/servicedocument HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 WWW-Authenticate: Basic realm="SWORD" Content-Type: text/html;charset=utf-8 Content-Length: 954 Date: Wed, 16 Jun 2010 20:03:48 GMT <html><head><title>Apache Tomcat/5.5.26 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.26</h3></body></html>[dsp...@pocarisweat config]$ -----Original Message----- From: Stuart Lewis [mailto:[email protected]] Sent: Friday, May 28, 2010 3:36 PM To: Blanco, Jose Cc: [email protected] Subject: Re: sword and authentication Hi Jose, Deposit URLS (assuming you are depositing an item into a collection) are in the form of: /sword/deposit/handle-id/collection e.g. /sword/deposit/5678/123 If you try to request that URL in a browser (HTTP verb = GET) then you will get a HTTP 501 response with the error message you are seeing, as SWORD only accepts POSTs to that URL. THerefore you can't interact with that page by requesting it n a browser. To prepare the data you'll need to create suitable packages. The following blog post explains how this is achieved in PHP for the Facebook SWORD client: - http://blog.stuartlewis.com/2009/06/02/how-does-the-facebook-sword-client-actually-work/ If you want to try POSTing some files to DSpace, there are some good examples in: - http://scm.dspace.org/svn/repo/dspace/tags/dspace-1.6.0/dspace-sword/README.txt Curl is a good tool for testing, e.g.: Authorised by dspace/dspace on a Collection: curl -i --data-binary "@dspace-sword/example/example.zip" -H "Content-Disposition: filename=myDSpaceMETSItem.zip" -H "Content-Type: application/zip" -H "X-Packaging: http://purl.org/net/sword-types/METSDSpaceSIP"; -H "X-No-Op: false" -H "X-Verbose: true" http://dspace:dsp...@localhost:8080/sword/deposit/123456789/2 I hope that helps, Stuart Lewis IT Innovations Analyst and Developer Te Tumu Herenga The University of Auckland Library Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand Ph: +64 (0)9 373 7599 x81928 On 29/05/2010, at 6:53 AM, Blanco, Jose wrote: > Stuart: > > I was able to get pass the auth. I'm working in my dev area and I'm trying > to now use deposit to see how it would work but when I try a /deposit/handle > url I get this message a 501 error with this message: > > The server does not support the functionality needed to fulfill this request > (). > > If I do the /servicedocument I get an xml page telling me what collections I > can deposit in, but when I try to deposit I get this error message. What url > would I need to deposit into a collection and how do I prepare the data. > > -----Original Message----- > From: Stuart Lewis [mailto:[email protected]] > Sent: Wednesday, May 19, 2010 5:24 PM > To: Blanco, Jose > Cc: [email protected] > Subject: RE: sword and authentication > > Hi Jose, > > The current SWORD specification only supports HTTP basic authentication. > DSpace will take the credentials passed this way and make use of the normal > authentication method to authentcate the user. > > Authentcation is required as the service document that is returned is > customised for the user based on their authorizations in the system (e.g. > which collections they can deposit into). > > The problem you will have is that CoSign is designed to be used by end users > (people), whereas SWORD authentcation is used by SWORD clients. The client > may be used by people too, but there is no way to proxy the CoSign > authentication through the SWORD client. > > (This is where oAuth might be suported in future versions of the SWORD > protocol to support this use case). > > One option you could have is to use a single eperson account for all > deposits, and perform authentication at your client. Your client would verify > the identity of user (using CoSign?), and then make the deposit using a > single set of credentials. To enable this you will need to make a second copy > of dspace.cfg, and change the authentciation plugin settings to use another > system such as LDAP or the in-built password system. Configure SWORD's > web.xml to use that new copy of dspace.cfg instead. > > This old blog post explains it slighty: > > - http://blog.stuartlewis.com/2008/05/27/shibboleth-sword-and-dspace-15/ > > We use SWORD quite a lot here in Auckland, and we are about to move to using > Shibboleth for our DSpace authentication. I'll try and write up the > configuration changes required to enable this when we make the change, and we > currently use the 'authentcate in the SWORD client and use a single deposit > account' model. This has the added advantage that for users who only ever > deposit a single item (e.g. a thesis) then we don't have thousands of > accounts left in DSpace that never get used again. > > Thanks, > > > Stuart > > ________________________________________ > From: Blanco, Jose [[email protected]] > Sent: Thursday, 20 May 2010 8:45 a.m. > To: [email protected] > Subject: [Dspace-tech] sword and authentication > > I'm trying to use sword and I'm a bit confused about how to setup the > authentication. If I configure the web.xml file to use None then the > following sword/servicedocument url is blank. From looking at the log file > it seems like I need to have some sort of authentication. What is meant by > basic authentication? Where would the userid/passwords be kept. We have > customized our dspace instance to use cosign, is this what I need to do to > use sword? For now it would be good to just get something going so I can see > how it works. I'm working on a test environment. > > Thank you! > Jose > > ------------------------------------------------------------------------------ > > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
