Sorry, I found the shiro.ini file in the folder "./run" after running the server the first time.
Daniel On Thu, 2014-12-11 at 09:30 -0300, Daniel Hernández wrote: > > Yes - by default the admin functions the UI uses are restricted to > > browsers from "localhost" (and not even the IP address). This is done > > to stop remote people being able to mess around with your data. I was a > > bit surprised that as much of the interface worked as it did! There is a > > 403 in the developers console. It might be better to block more rather > > than just the JSON-API calls to "/$/*" > > > > For a fixed security template file, we didn't want a default > > user/password because that would be not very secret. > > > > It is controlled by the shiro.ini file > > -------------------- > > [main] > > ... > > localhost=org.apache.jena.fuseki.authz.LocalhostFilter > > ... > > [urls] > > ... > > ## and the rest are restricted > > /$/** = localhost > > > > > > ## If you want simple, basic authentication user/password on the > > ## operations, change the line above to: > > ## /$/** = authcBasic,user[admin] > > -------------------- > > > > user='admin'; password in in the file a few lines above (which is not > > very secure!) > > > > The Fuseki specific shiro filters fix a couple of things and are simpler > > that the general ones in Shiro itself. They have been contributed to > > Apache Shiro. > > > > Andy > > Thanks a lot. However I have no much experience in Java development, so > I don't known where the shiro.in file is. I searched it with > > find -name '*.ini' > > in the distribution folder, but I got no results. Thus, I suppose that > it is into the jar files in the distribution. I need compile Fuseki from > the source to change the shiro.ini? > > Daniel >
