...
a. $FEDORA_HOME/tomcat/logs/catalina.out should contain no errors.
b. View your Fedora instance through a web browser: http://localhost:8080/fedora/ or http://[yourdomain]:8443/fedora
Set XACML Policies
10. Install required polices, remove some restrictive policies.
First stop Stop your Fedora instance by running:$FEDORA_HOME/tomcat/bin/shutdown.sh
Remove they deny-purge policies.
rm
mv /usr/local/fedora/data/fedora-xacml-policies/repository-policies/default/deny-purge-* ~/
Create a folder for islandora specific policies.
cd /usr/local/fedora
Navigate to $FEDORA_HOME/data/fedora-xacml-policies/repository-policies/default and create a file with the following xml -
...
...
mkdir islandora
Then Copy all the policies included with islandora into the repository policies folder. These will be located in the policies folder of the islandora module, here.
There should be at least these 4 policies:
permit-apim-to-authenticated
...
-user.xml
permit-getDatastream-unrestricted.xml
permit-getDatastreamHistory-unrestricted.xml
permit-upload-to-authenticated-user.xml
Save as permit-apim-to-authenticated.xml.
11. Navigate to $FEDORA_HOME/data/fedora-xacml-policies/repository-policies/default/deny-apim-if-not-localhost.xml
Go to where you see <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">127.0.0.1</AttributeValue>
insert additional entries below for IPs that need to access fedora admin example your own machine or other admins. Also might want to add the systems actual IP Example:
...