@ -38,6 +38,14 @@ INSTALLATION
CONFIGURATION
-------------
The islandora_drupal_filter passes the username of 'anonymous' through to
Fedora for unauthenticated Drupal Users. A user with the name of 'anonymous'
may have XACML policies applied to them that are meant to be applied to Drupal
users that are not logged in or vice-versa. This is a potential security issue
that can be plugged by creating a user named 'anonymous' and restricting access
to the account.
Drupal's cron will can be ran to remove expired authentication tokens.
CUSTOMIZATION
@ -110,3 +110,13 @@ function islandora_validate_object_token($pid, $dsid, $token) {
return FALSE;
}
/**
* Will remove any expired authentication tokens.
*/
function islandora_remove_expired_tokens() {
$time = time();
db_delete("islandora_authtokens")
->condition('time', $time - TOKEN_TIMEOUT, '<')
->execute();
@ -872,3 +872,13 @@ function islandora_post_delete_datastream(FedoraObject $object, $datastream_id)
module_invoke_all($hook, $object, $datastream_id);
* Implements hook_cron()
*
* Removes expired authentication tokens.
function islandora_cron() {
module_load_include('inc', 'islandora', 'includes/islandora_authtokens');
islandora_remove_expired_tokens();