...
Answer: Fedora's default server security settings disallow remote administrative access. This restriction can be relaxed by modifying or removing a particular policy, or disabling policy enforcement.
Instructions:
Either:
1. Modify (or removing) the deny-apim-if-not-localhost.xml policy file.
See the default policy documentation in the user guide:
http://www.fedora-commons.org/confluence/display/FCR30/Fedora+Authorization+with+XACML+Policy+Enforcement
...