...
Download the Drupal Filter files from the Release Notes and Downloads page. Extract the contents of the archive , and make sure you choose the correct JAR file for your version of Fedora.
Place the file in:
| Code Block |
|---|
cp fcrepo-drupalauthfilter-3.4.2.jar $FEDORA_HOME/tomcat/webapps/fedora/WEB-INF/lib |
...
| Code Block | ||
|---|---|---|
| ||
<?xml version="1.0" encoding="UTF-8"?>
<!--File to hold drupal connection info for the FilterDrupal servlet filter. For multisite drupal installs you can include multiple
connection elements. We will query all the databases and assume any user in any drupal db with the same username and password are the same
user. We will gather all roles for that user from all databases. This is a potential security risk if a user in one drupal db has the same
username and password as another user in a separate drupaldb. We are also assuming all drupal dbs to be mysql. This file should be located
in the same directory as the fedora.cfcg file-->
<FilterDrupal_Connection>
<connection server="localhost" dbname="[drupal_database]" user="[drupal_db_user]" password="[drupla_db_password]" port="3306">
<sql>
<!--Different sql statement for each connection. This is for drupal multisites that are setup using one database with
table prefixes. We don't do this but some people might.-->
SELECT DISTINCT u.uid AS userid, u.name AS Name, u.pass AS Pass, r.name AS Role FROM (users u LEFT JOIN users_roles ON
u.uid=users_roles.uid) LEFT JOIN role r ON r.rid=users_roles.rid WHERE u.name=? AND u.pass=?;
</sql>
</connection>
</FilterDrupal_Connection> |
...
drupalauthfilter-xxxx.jar...
| Note |
|---|
| The islandora_drupal_filter passes the username of 'anonymous' through to Fedora for unauthenticated Drupal Users. A user with the name of 'anonymous' may have XACML policies applied to them that are meant to be applied to Drupal users that are not logged in or vice-versa. This is a potential security issue that can be plugged by creating a user named 'anonymous' and restricting access to the account. |