A valve for Tomcat8 that authenticates the JWT tokens created by Islandora in order to provide sessionless Authentication for Fedora4. Named after the Norse goddess Syn.
This project requires Java 8 and can be built with Gradle. To build and test locally, use ./gradlew build.
Copy the JAR that was built above from build/libs/islandora-syn-X.X.X-all.jar and place into $TOMCAT_HOME/lib directory. Can be found in Ubuntu at: /var/lib/tomcat8/lib/. Note that this JAR is built to contain all the dependancies.
Now register the valve in Tomcat configuration file.
In Ubuntu this file is located at: /var/lib/tomcat8/conf/context.xml
<Valve className="ca.islandora.syn.valve.SynValve"
pathname="conf/syn-settings.xml" />where:
- pathname: The location of the settings file. Defaults to
$CATALINA_BASE/conf/syn-settings.xml.
The valve checks if requested url is under security contraints. So, valve will activate only if the Fedora4 web.xml file contains something like:
<security-constraint>
<web-resource-collection>
<web-resource-name>Fedora4</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-role>
<role-name>islandora</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>fcrepo</realm-name>
</login-config>On ubuntu this file can be found at:
/var/lib/tomcat8/webapps/fcrepo/WEB-INF/web.xml
Modify the example configuration and move it to: $CATALINA_BASE/conf/syn-settings.xml.
If you would like to contribute, please get involved by attending our weekly Tech Call. We love to hear from you!
If you would like to contribute code to the project, you need to be covered by an Islandora Foundation Contributor License Agreement or Corporate Contributor Licencse Agreement. Please see the Contributors pages on Islandora.ca for more information.
MIT