One very practical way to deal with this problem is to run the tomcat servlet container behind apache httpd and delegate all the authorization stuff to apache httpd configuration. Of course the original ports from tomcat aren't shown to the outside world (by firewall configuration).
Several Fedora administrators I know have chosen this type of configuration. --Jörg Knappen Zitat von Andrés Campanario <andrescampana...@gmail.com>: > How do I turn off API-A? > > That is, how restrict access to a user or IP > > I tried to create a user and a role that can only access > deny-apia-if-not-tomcat-role.xml.<https://wiki.duraspace.org/download/attachments/30221066/deny-apia-if-not-tomcat-role.xml?version=1&modificationDate=1218795357321> > as > I found in > > http://www.openplanetsfoundation.org/blogs/2013-05-20-adventures-setting-access-controls-fedora-commons-repository > > But I can make a call to listDatastreams API-A and get results > > I need activate Fesl authentication? > > Thanks for any help! > > -- > *Andres Campanario* > http://www.andrescampanario.es > http://www.linkedin.com/in/andrescampanario ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
