Thanks Andy. My current feeling is exactly this bit -
On 29 June 2012 13:11, Andy Seaborne <[email protected]> wrote > The counter argument is that strength of service access point authentication > is precisely that you don't need to hook into the database engine. Instead, > have a mediation service that the users/app goes to - it is more privileged > than the user and can look and reject data access. I don't disagree with > that but in a data publishing world, I think you need data-specific > authentication and access control. What I'm working on is an intermediary, quasi-proxy. In my opinion Fuseki doesn't need auth, that comes in front. I've been chatting with Bergi a bit about auth modeling, and I think he's approaching a good pattern. He has also coding against Fuseki in the Java - that I personally think is the *wrong* approach. Having an adequately perfomant engine that will talk to you over HTTP is a huge step forward. It's there like a MySQL DB or whatever would be, but you've got a clean, portable protocol with which to speak to. On paper at least, using the same intermediary bits, flip the URI of the DB and you're talking elsewhere. It lends itself to distributed services (again, probably a layer on top). But the notable thing is how easy it is to code against. I've been working with this in node.js, totally new to me, but template out the request to a SPARQL query and it works, so much less thought needed. What can I say? KUTGW. Cheers, Danny. -- http://dannyayers.com http://webbeep.it - text to tones and back again
