Fedora's default server security settings disallow remote administrative access. This restriction can be relaxed by either:
1. Modifying (or removing) the deny-apim-if-not-localhost.xml
policy file.
See the default policy documentation in the user guide:
http://www.fedora-commons.org/confluence/display/FCR30/Fedora+Authorization+with+XACML+Policy+Enforcement
See the "Activating and Loading" instructions in the user guide:
http://www.fedora-commons.org/confluence/display/FCR30/Fedora+Authorization+with+XACML+Policy+Enforcement
2. Disabling policy enforcement altogether
See the "Enabling/Disabling XACML Policy Enforcement" section in the user guide:
http://www.fedora-commons.org/confluence/display/FCR30/Fedora+Authorization+with+XACML+Policy+Enforcement