Steve, Thanks for the reply, that does solve part of the problem. This improves the situation in that now the content can be accessed by direct URL without authentication being triggered however the intermediate page "Datastream Profile View" triggers the auth request so a user would only be able to get to the content if they could figure out the direct URL to the content. From your description of the problem, and reading FCREPO-703 it appears you guys have addressed this by shifting the implementation to use API-A calls for Profile View so this is fully resolved in the next release? Thanks for the description that helped a lot in making sense of the issue.
-Mike On 6/17/10 11:43 AM, Steve Bayliss wrote: > Hi Mike > > This sounds like the bug that crept in as part of FCREPO-497 - now fixed in > trunk by FCREPO-703. > > To verify this, could you locate in your fedora.fcfg theparameter > "datastreamFilenameSource", and change the value from "rels label id" to "id > label rels". > > Optionally you could change the parameter > "datastreamContentDispositionInlineEnabled" to "false" also. > > These two parameter control the new content-disposition header that is sent > so that users get a sensible filename when downloading - setting the latter > parameter to false disables the header altogether, changing the former to > "id label rels" means that the datastream ID will be used (otherwise in 3.3 > API-M calls are made to determine relationships and datastream label, hence > the authentication request). > > Steve > > >> -----Original Message----- >> From: Mike Korcynski [mailto:[email protected]] >> Sent: 17 June 2010 16:20 >> To: Fedora Users >> Subject: [Fedora-commons-users] Change in Datastreams >> behavior after upgradeto 3.3 >> >> >> Hi, >> >> We recently upgraded from Fedora 3.1 to 3.3 and have noticed >> a change in >> the behavior when accessing the Datastream Profile View and >> Datastream >> content. In our current configuration we enforce XACML, >> disable FeSL, >> and allow anonymous API-A access. Much like in 3.1 I can anonymously >> access the Datastream list "/datastreams" but when I click through to >> the new profile screen I'm prompted for username/password. >> Is this an >> intentional change requiring authentication for this step and >> for access >> to actual content? It seems a bit odd, as you can still access the >> content anonymously through methods. I couldn't find >> reference to this >> change in the release notes for 3.2 or 3.3 so I was hoping >> someone here >> might provide some insight. >> >> Thanks, >> >> Mike >> >> >> -- >> Mike Korcynski >> Software Engineer >> University Information Technology - Academic Technology >> Tufts University >> 16 Dearborn Road, Medford, MA 02144 >> Phone: 617.627.4957 >> http://uit.tufts.edu/at/ >> >> >> >> >> -------------------------------------------------------------- >> ---------------- >> ThinkGeek and WIRED's GeekDad team up for the Ultimate >> GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the >> lucky parental unit. See the prize list and enter to win: >> http://p.sf.net/sfu/thinkgeek-promo >> _______________________________________________ >> Fedora-commons-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/fedora-commons-users >> >> > ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Fedora-commons-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
