Eric,
Did you configure Fedora/your servlet container for SSL? If so, does something
like the following work:
fedora-ingest-demos.sh ngdev010 8443 fedoraAdmin fedoraAdmin https
If that works, then perhaps (assuming you're using Tomcat) maybe your
server.xml is missing the redirectPort parameter on your connector.
Eddie
On 8 Dec 2011, at 3:03 AM, CERVANTES Eric wrote:
> Hello Edwin,
>
> Thanks for reply.
>
> So, I added the IP of the fedora server (not localhost) at the end of the
> rule statement in
> [...]/data/fedora-xacml-policies/repository-policies/default/deny-apim-if-not-localhost.xml
>
> [...]
> <Rule RuleId="1" Effect="Deny">
> <Condition FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or">
> <Apply
> FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of">
> <EnvironmentAttributeDesignator
> AttributeId="urn:fedora:names:fedora:2.1:environment:httpRequest:clientIpAddress"
> DataType="http://www.w3.org/2001/XMLSchema#string"/>
> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
> <AttributeValue
> DataType="http://www.w3.org/2001/XMLSchema#string";>127.0.0.1</AttributeValue>
> <AttributeValue
> DataType="http://www.w3.org/2001/XMLSchema#string";>::1</AttributeValue>
> <AttributeValue
> DataType="http://www.w3.org/2001/XMLSchema#string";>0:0:0:0:0:0:0:1</AttributeValue>
> <!-- added the following IP -->
> <AttributeValue
> DataType="http://www.w3.org/2001/XMLSchema#string";>192.168.203.95</AttributeValue>
> [...]
>
> Now I got messages in /data/vDAM/fedora/client/logs when I launched
> ./client/bin/fedora-ingest-demos.sh ngdev010 8080 fedoraAdmin fedoraAdmin
> http fedora
>
> For each of the objects to be ingested they have the error :
> java.net.ConnectException: Connection refused
>
> And from the web client still 'request requires HTTP authentication'.
>
> Did I miss something with deny-apim-if-not-localhost ?
>
> -----Original Message-----
> From: Edwin Shin [mailto:ed...@fedora-commons.org]
> Sent: mercredi 7 décembre 2011 18:39
> To: Support and info exchange list for Fedora users.
> Subject: Re: [fcrepo-user] Issues with authentication
>
> Eric,
>
> By default, API-M operations are only allowed from localhost. It sounds like
> that might be the issue. If so, you can allow the ip you are using to the
> deny-apim-if-not-localhost policy, see:
>
> https://wiki.duraspace.org/display/FEDORA35/XACML+Policy+Enforcement
>
> Eddie
>
> On 7 Dec 2011, at 8:48 AM, CERVANTES Eric wrote:
>
>> Hello all
>>
>> After installing, I tried to import demo objects with the command
>>
>> ./fedora-ingest-demos.sh ngdev010 8080 fedoraAdmin fedoraAdmin http
>> fedora3
>>
>> I got logs under /client/logs/ingest-from-dir-1323269442002.xml, and
>> 100% failed, none object have been imported
>>
>> For instance, foreach object I have
>>
>> <failed
>> file="/data/vDAM/fedora3/client/demo/foxml/local-server-demos/formatting-objects-demo/obj_demo_21.xml">
>> org.fcrepo.server.errors.authorization.AuthzDeniedException:
>> </failed>
>>
>>
>> Moreover, on the http://...fedora3/
>>
>> <image003.jpg>
>> if I try to look at the "View the XML Representation of this Object"
>> of the object " fedora-system:ContentModel-3.0", I have a pop up that
>> I filled with fedoraAdmin fedoraAdmin but then I got <image004.png>
>>
>> Any help please ?
>> This email and any attachments are intended solely for the use of the
>> individual or entity to whom it is addressed and may be confidential and/or
>> privileged.
>> If you are not one of the named recipients or have received this email
>> in error,
>> (i) you should not read, disclose, or copy it,
>> (ii) please notify sender of your receipt by reply email and delete
>> this email and all attachments,
>> (iii) Dassault Systemes does not accept or assume any liability or
>> responsibility for any use of or reliance on this email.
>> For other languages, go to http://www.3ds.com/terms/email-disclaimer
>> ----------------------------------------------------------------------
>> -------- Cloud Services Checklist: Pricing and Packaging Optimization
>> This white paper is intended to serve as a reference, checklist and
>> point of discussion for anyone considering optimizing the pricing and
>> packaging model of a cloud services business. Read Now!
>> http://www.accelacomm.com/jaw/sfnl/114/51491232/______________________
>> _________________________
>> Fedora-commons-users mailing list
>> Fedora-commons-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
>
>
> ------------------------------------------------------------------------------
> Cloud Services Checklist: Pricing and Packaging Optimization This white paper
> is intended to serve as a reference, checklist and point of discussion for
> anyone considering optimizing the pricing and packaging model of a cloud
> services business. Read Now!
> http://www.accelacomm.com/jaw/sfnl/114/51491232/
> _______________________________________________
> Fedora-commons-users mailing list
> Fedora-commons-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
> This email and any attachments are intended solely for the use of the
> individual or entity to whom it is addressed and may be confidential and/or
> privileged.
>
> If you are not one of the named recipients or have received this email in
> error,
>
> (i) you should not read, disclose, or copy it,
>
> (ii) please notify sender of your receipt by reply email and delete this
> email and all attachments,
>
> (iii) Dassault Systemes does not accept or assume any liability or
> responsibility for any use of or reliance on this email.
>
> For other languages, go to http://www.3ds.com/terms/email-disclaimer
>
> ------------------------------------------------------------------------------
> Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and point of
> discussion for anyone considering optimizing the pricing and packaging model
> of a cloud services business. Read Now!
> http://www.accelacomm.com/jaw/sfnl/114/51491232/
> _______________________________________________
> Fedora-commons-users mailing list
> Fedora-commons-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
Fedora-commons-users mailing list
Fedora-commons-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
