Hi there, I'm starting to tinker with Fedora and trying to write a CMA workflow. I'm building a digital object that should grab an image datastream from an HTTPS server which requires basic authentication. I tried inserting the authentication data in the URL for the datastream, but now I have 2 problems: 1) Username and password are stored in plain text in the FOXML, visible by everyone who looks up that record in Fedora, as well as all over the logs. 2) I still can't connect to the server this way. The server's certificate is expired, I don't know if that plays a role.
Fedora throws this error: ERROR 2013-05-09 11:04:28.618 [http-8080-1] (BaseRestResource) Unexpected error fulfilling REST API request org.fcrepo.server.errors.HttpServiceNotFoundException: [DefaultExternalContentManager] returned an error. The underlying error was a org.fcrepo.server.errors.GeneralException T he message was "Error getting https://username:password@imageserver/myHugePicture"; . at org.fcrepo.server.storage.DefaultExternalContentManager.getExternalContent(DefaultExternalContentManager.java:152) ~[fcrepo-server-3.6.2.jar:na] at org.fcrepo.server.access.DefaultAccess.getDatastreamDissemination(DefaultAccess.java:1148) ~[fcrepo-server-3.6.2.jar:na] at org.fcrepo.server.rest.DatastreamResource.getDatastream(DatastreamResource.java:247) ~[fcrepo-server-3.6.2.jar:na] [...] And the image server's Apache error log: Thu May 09 11:04:25 2013] [info] [client 10.80.25.47] Connection to child 0 established (server imageserver:443) [Thu May 09 11:04:25 2013] [info] Seeding PRNG with 144 bytes of entropy [Thu May 09 11:04:25 2013] [info] [client 10.80.25.47] SSL library error 1 in handshake (server imageserver:443) [Thu May 09 11:04:25 2013] [info] SSL Library Error: 336151608 error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error [Thu May 09 11:04:25 2013] [info] [client 10.80.25.47] Connection closed to child 0 with abortive shutdown (server imageserver:443) [...] Of course, I can always use a redirect datastream and let the client deal with authentication and SSL, but I'd like to hide the source URI if possible. Below is the FOXML representation of my object: <foxml:digitalObject VERSION="1.1" PID="test:dervPub_obj" xsi:schemaLocation="info:fedora/fedora-system:def/foxml# http://www.fedora.info/definitions/1/0/foxml1-1.xsd";> <foxml:objectProperties> <foxml:property NAME="info:fedora/fedora-system:def/model#state" VALUE="Active"/> <foxml:property NAME="info:fedora/fedora-system:def/model#label" VALUE="Disseminator object"/> <foxml:property NAME="info:fedora/fedora-system:def/model#ownerId" VALUE="fedoraAdmin"/> <foxml:property NAME="info:fedora/fedora-system:def/model#createdDate" VALUE="2013-05-09T15:37:41.708Z"/> <foxml:property NAME="info:fedora/fedora-system:def/view#lastModifiedDate" VALUE="2013-05-09T15:37:41.892Z"/> </foxml:objectProperties> <foxml:datastream ID="AUDIT" STATE="A" CONTROL_GROUP="X" VERSIONABLE="false"> <foxml:datastreamVersion ID="AUDIT.0" LABEL="Audit Trail for this object" CREATED="2013-05-09T15:37:41.708Z" MIMETYPE="text/xml" FORMAT_URI="info:fedora/fedora-system:format/xml.fedora.audit"> <foxml:xmlContent> <audit:auditTrail> <audit:record ID="AUDREC1"> <audit:process type="Fedora API-M"/> <audit:action>addDatastream</audit:action> <audit:componentID>SOURCE_IMG</audit:componentID> <audit:responsibility>fedoraAdmin</audit:responsibility> <audit:date>2013-05-09T15:37:41.892Z</audit:date> <audit:justification/> </audit:record> </audit:auditTrail> </foxml:xmlContent> </foxml:datastreamVersion> </foxml:datastream> <foxml:datastream ID="DC" STATE="A" CONTROL_GROUP="X" VERSIONABLE="true"> <foxml:datastreamVersion ID="DC1.0" LABEL="Dublin Core Record for this object" CREATED="2013-05-09T15:37:41.708Z" MIMETYPE="text/xml" FORMAT_URI="http://www.openarchives.org/OAI/2.0/oai_dc/"; SIZE="388"> <foxml:xmlContent> <oai_dc:dc xsi:schemaLocation="http://www.openarchives.org/OAI/2.0/oai_dc/ http://www.openarchives.org/OAI/2.0/oai_dc.xsd";> <dc:title>Disseminator object</dc:title> <dc:identifier>test:dervPub_obj</dc:identifier> </oai_dc:dc> </foxml:xmlContent> </foxml:datastreamVersion> </foxml:datastream> <foxml:datastream ID="RELS-EXT" STATE="A" CONTROL_GROUP="X" VERSIONABLE="false"> <foxml:datastreamVersion ID="RELS-EXT.0" LABEL="Relationships" CREATED="2013-05-09T15:37:41.837Z" MIMETYPE="application/rdf+xml" FORMAT_URI="info:fedora/fedora-system:FedoraRELSExt-1.0" SIZE="273"> <foxml:xmlContent> <rdf:RDF> <rdf:Description rdf:about="info:fedora/test:dervPub_obj"> <hasModel rdf:resource="info:fedora/test:dervPub_CModel"/> </rdf:Description> </rdf:RDF> </foxml:xmlContent> </foxml:datastreamVersion> </foxml:datastream> <foxml:datastream ID="SOURCE_IMG" STATE="A" CONTROL_GROUP="E" VERSIONABLE="true"> <foxml:datastreamVersion ID="SOURCE_IMG.0" LABEL="full sized image" CREATED="2013-05-09T15:37:41.892Z" MIMETYPE="image/jpeg"> <foxml:contentLocation TYPE="URL" REF="https://username:password@imageserver/myHugePicture"/> </foxml:datastreamVersion> </foxml:datastream> I would really appreciate your help. ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Fedora-commons-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
