/Firstly, did you use a "fedora.server" -style URL for your reference to the policy datastream? If so, that might circumvent the external DS policies, which could cause some of this odd behavior./
No, the reference URLs aren't in the fedora.server style they're like http://123.456.78.90:port/fedora/get/other:pid/OTHER But I noticed that it worked fine when I use localhost instead of the IP. But I have removed the deny-apim-if-not-localhost policy from the standard folder and I even have changed the element in fedora.fcfg to "permit-all-requests" (see below for another problem in this regard). I just don't understand this. /Secondly, for your case d) below, when you stored the policy in other:pid/OTHER, did you also remove other:pid/POLICY before testing? If not, that might explain your case d) and inability to see the policy itself without authenticating./ Yes, I removed it and tried it in entirely new objects as well. /Thirdly, we'd like to hear a bit more about your context. Which version of Fedora are you using, and are you using FESL authorization or legacy authorization? This last question is important because FESL offers some powerful ways to implement collection-wide policies that aren't available in legacy authorization, and using them might obviate the problem entirely./ We use Fedora 3.5 with FESL authorization and SSL deactivated. Actually I noticed another odd behavior: 1. "enforce-policies" is activated 2. I create the object col:policy with a "POLY" datastream 3. I create the object object:test with the POLICY datastream that references to col:policy/POLY 4. As mentioned: I lose control over object:test immediately (authorization denied). 5. I change from "enforde-policies" to "permit-all-requests" 6. Now I can open object:test again 7. But I cannot open the POLICY datastream ("Server returned 500: Internal Server Error) 8. Using the Link in a browser still requieres authentication (although I deactivated policy enforcement - is this correct behavior?) -- View this message in context: http://fedora-commons.1317035.n2.nabble.com/Authentication-Problem-with-External-Referenced-Policies-tp7388893p7395823.html Sent from the Fedora Commons Users mailing list archive at Nabble.com. ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Fedora-commons-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
