1

I'm trying to make a REST call to fedora-commons 3.8.1 and I continually get "401 Unauthorized" errors. I googled it and found that I need to make sure:

<param name="ENFORCE-MODE" value="permit-all-requests"/>

Is set in the Authorization module, which I did. Seems like an easy enough fix. I restarted my server and still get the same error.

cwittah
  • 349
  • 1
  • 3
  • 17
  • Okay I've also played around with the files in the REPOSITORY-POLICIES-DIRECTORY specified in the fcfg file. I've removed individual policies that look like they might cause this and also removed all policies entirely and still get the same 401: Unauthorized error. – cwittah Nov 13 '15 at 17:12
  • Also tried to uncomment the "serviceSecurityDescription" lines from beSecurity.xml in the conf directory (no idea what this file does). Still same result. – cwittah Nov 13 '15 at 17:36

1 Answers1

1

There's a spring configuration in the fedora/config area that seems to be overriding enforce-mode (at least in this version).

Fixed this by modifying the fedora/server/config/spring/web/web.properties file:

#Spring override properties
#Fri Jan 23 08:32:41 GMT-05:00 2015
security.ssl.api.management=ANY_CHANNEL
security.auth.filters=AuthFilterJAAS
#security.fesl.authN.jaas.apia.enabled=true
security.fesl.authN.jaas.apia.enabled=false
fedora.port=8080
security.fesl.authZ.enabled=false
#fedora.port.secure=8080
fedora.port.secure=8443
security.ssl.api.default=ANY_CHANNEL
security.ssl.api.access=ANY_CHANNEL
cwittah
  • 349
  • 1
  • 3
  • 17