Right - but ideally I should be allowed to stay anonymous until trying to do sysadmin stuff (e.g. "Manage datasets")
Looking at this closer, it seems to give the first 401 on a GET http://localhost:8081/$/server I can cancel the dialogue, and now I don't get any drop-down list under http://localhost:8081/dataset.html The suggested shiro.ini does indeed protect almost everything under /$/: https://github.com/apache/jena/blob/master/jena-fuseki2/jena-fuseki-core/src/main/resources/org/apache/jena/fuseki/server/shiro.ini#L25 I edited this to do basicauth exactly as it says in the comments there (but with a pwgen-generated password) What does /$/server do? On 28 January 2015 at 13:30, Andy Seaborne <[email protected]> wrote: > On 26/01/15 16:53, Stian Soiland-Reyes wrote: >> >> # Questions to dev@jena >> >> Q: I don't know why Fuseki (here with basic auth) always asks for the >> admin password - perhaps some Fuseki / shiro.ini experts can help? Is >> it because of the server status icon? > > > Not an expert but with some digging ... > > What seems to be happening is that if you turn off localhost authentication > and turn on basic authentication, then the user/password has to go in every > request. There is no session state, cookies whatever in basic > authentication. > > Usually the way to do that is to have the browser remember the details and > it will send them when asked. > > I guess you have told your browser not to record user/password. > > There is a two hop exchange with a via 401 - the web UI does not know the > user/password to add each GET/POST - maybe that is easy to configure the > environment to do that, I don't know, not my area of expertise. > > Having the Fuseki code add user/password seems rather heavy and with such a > common setup I wodner if there is a way to tell jQuery or whatever is doing > the HTTP bit to learn the details (not that basic auth is very safe unless > it's an SSL connection). > > Andy > > https://issues.apache.org/jira/browse/SHIRO-20 for digest auth. -- Stian Soiland-Reyes Apache Taverna (incubating) http://orcid.org/0000-0001-9842-9718
