Your problem is in the backedSecurity module. When fedora resolves a url
that seem to point back into fedora, it does so with some hardcoded
credentials. I would assume you have removed the internal call users
from the fedura-users.xml or in some other way disabled the backend
security. Tells us more about your specific setup, and if we determine
that this is wrongful behaivour, I will report a bug.
Regards
Asger
Committer