More than likely, you're being blocked by the default policies, which only allow certain API-M functions to the admin via localhost.
This page should be able to help you out: https://wiki.duraspace.org/display/FEDORA34/XACML+Policy+Enforcement#XACMLPolicyEnforcement-DEFAULTPOLICIES You'll need to either turn off policy enforcement in fedora.fcfg, or put a policy in place that allows API-M access via your host. -- Scott On 11/09/2011 12:56 PM, Mark Jordan wrote: > Hello, > > I am setting up a new install of Fedora Repository 3.4.2 (as required by > Islandora) and cannot ingest objects directly into FR. I have verified that > the fedoraAdmin credentials I am using when I try to ingest the demo objects > using the CLI and objects using the web administrator are correct, as per > fedora-users.xml. I can also connect to the mysql database successfully. I > include my install.properties at the end of this message (fesl off, xacml > on). I am not using localhost as the fedora.serverHost, I am using the public > hostname for my test server (represented below as myhost.tld). > > Here's what happens: > > 1) When I try to ingest the demo objects using the following: > > sudo -i /usr/local/fedora/client/bin/fedora-ingest-demos.sh myhost.tld 8080 > fedoraAdmin xxxxxx http > > I am told "WARNING: 41 of 41 objects failed. Check log.", which contains 41 > errors like this: > > <failed > file="/usr/local/fedora/client/demo/foxml/local-server-demos/document-transform-demo/demo_XML_TO_HTMLDOC.xml"> > org.fcrepo.server.errors.authorization.AuthzDeniedException: > </failed> > > 2) When I go to http://myhost.tld:8080/fedora, I am asked to authenticate > using HTTP basic from tomcat. I can do so using the fedoraAdmin credentials. > When I then go to http://myhost.tld:8080/fedora/admin, I see the Connect to > Repository dialog and can click through. I can search, but when I try to > ingest an object, I get a 401 error. > > Anybody got any suggestions as to why fedoraAdmin is not able to authenticate? > > TIA, > > Mark > > #Install Options > #Tue Nov 08 19:59:40 PST 2011 > ri.enabled=true > messaging.enabled=false > apia.auth.required=false > database.jdbcDriverClass=com.mysql.jdbc.Driver > ssl.available=false > database.jdbcURL=jdbc\:mysql\://localhost/fedora3?useUnicode\=true&characterEncoding\=UTF-8&autoReconnect\=true > database.password=XXXXX > database.mysql.driver=included > database.username=fedoraAdmin > fesl.authz.enabled=false > tomcat.shutdown.port=8005 > deploy.local.services=true > xacml.enabled=true > database.mysql.jdbcDriverClass=com.mysql.jdbc.Driver > tomcat.http.port=8080 > fedora.serverHost=myhost.tld > database=mysql > database.driver=included > fedora.serverContext=fedora > llstore.type=akubra-fs > tomcat.home=/usr/local/fedora/tomcat > fesl.authn.enabled=false > fedora.home=/usr/local/fedora > database.mysql.jdbcURL=jdbc\:mysql\://localhost/fedora3?useUnicode\=true&characterEncoding\=UTF-8&autoReconnect\=true > install.type=custom > servlet.engine=included > fedora.admin.pass=XXXXX > > ------------------------------------------------------------------------------ > RSA(R) Conference 2012 > Save $700 by Nov 18 > Register now > http://p.sf.net/sfu/rsa-sfdev2dev1 > _______________________________________________ > Fedora-commons-users mailing list > Fedora-commons-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fedora-commons-users -- Scott Prater Library, Instructional, and Research Applications (LIRA) Division of Information Technology (DoIT) University of Wisconsin - Madison pra...@wisc.edu ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
