...
Code Block | ||||
---|---|---|---|---|
| ||||
<auth-constraint> <role-name>fedoraUser</role-name> <role-name>fedoraAdmin</role-name> <role-name>my-new-tomcat-role</role-name> </auth-constraint> |
Please refer to the servlet container authentication document for configuration details.
HTTP Header Principal Provider
...
The Fedora class org.fcrepo.auth.common.ServletContainerAuthenticationProvider contains a list of PrincipalProvider derivative instances that are called for every authentication query. The union of the authentication traits of the PrincipalProvider instances will be assigned to the FEDORA_ALL_PRINCIPALS session attribute. In the case that the user is has the fedoraAdmin role, a FedoraAdminSecurityContext is provided as the users SecurityContext. If the user does not have the fedoraAdmin role, an ExecutionContext is provided as the users SecurityContext.