From 3ed1bd1dba93304032a11c1baa6551f379c71997 Mon Sep 17 00:00:00 2001 From: jonathangreen Date: Fri, 4 Jan 2013 09:21:22 -0400 Subject: [PATCH] Updated README to include the XACML policies Included the necessary XACML policies in the repository. Added information about them to the README. --- README | 5 ++- .../permit-apim-to-authenticated-user.xml | 31 +++++++++++++++++++ .../permit-upload-to-authenticated-user.xml | 31 +++++++++++++++++++ 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 policies/permit-apim-to-authenticated-user.xml create mode 100644 policies/permit-upload-to-authenticated-user.xml diff --git a/README b/README index c9784a95..ce276d7b 100644 --- a/README +++ b/README @@ -34,6 +34,9 @@ REQUIREMENTS INSTALLATION ------------ +Before installing Islandora the XACML policies located in the policies folder +should be copied into the Fedora global XACML policies folder. This will allow +"authenticated users" in Drupal to access Fedora API-M functions. CONFIGURATION ------------- @@ -64,4 +67,4 @@ CONTACT SPONSORS --------- \ No newline at end of file +-------- diff --git a/policies/permit-apim-to-authenticated-user.xml b/policies/permit-apim-to-authenticated-user.xml new file mode 100644 index 00000000..b6ecea1b --- /dev/null +++ b/policies/permit-apim-to-authenticated-user.xml @@ -0,0 +1,31 @@ + + + note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated + + + + + authenticated user + + + + + + + + + + + urn:fedora:names:fedora:2.1:action:api-m + + + + + + + diff --git a/policies/permit-upload-to-authenticated-user.xml b/policies/permit-upload-to-authenticated-user.xml new file mode 100644 index 00000000..c69d63c6 --- /dev/null +++ b/policies/permit-upload-to-authenticated-user.xml @@ -0,0 +1,31 @@ + + + + + + + + authenticated user + + + + + + + + + + + urn:fedora:names:fedora:2.1:action:id-upload + + + + + + +