date:20170404

Re: [Virtuoso-users] SPARQL endpoint Update permissions

2017-04-04 Thread Quentin

 

Hi, 

I'd certainly suggest disabling Update permission on the Sparql user for
the reasons you mention. 

You can then make a second user for the purpose of authorised
transactions and use this against the /sparql-auth endpoint which you'll
need to enable and configure. I believe that will do what you want. 

This will give you some hints but you'll need to do a little more
research to get sparql-auth set up. I believe it's available in the
open-source version though it's been a while since I used it. 

https://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/VirtTipsAndTricksDigestAuthAJAX


-- 
Regards,
Quentin Serrurier.
GuidingHand.Solutions

On 2017-04-04 21:54, Iker Esnaola wrote: 

> Hello, 
> 
> I am trying to update my Graph by means of the SPARQL endpoint and the 
> following query: 
> 
> DELETE {?s rdf:type "A "}
> 
> INSERT {?s rdf:type "B" }
> 
> from 
> 
> WHERE { ?s rdf:type "A"}
> 
> I am getting the following error: Virtuoso 42000 Error SR186:SECURITY: No 
> permission to execute procedure DB.DBA.SPARQL_MODIFY_BY_DICT_CONTENTS with 
> user ID 107, group ID 107
> 
> After giving SPARQL_UPDATE permissions to the "SPARQL" user, there is no such 
> a problem and I am able to perform the query. 
> 
> However, my SPARQL endpoint is public so this is not a good practice. 
> 
> I have been looking for information in this matter but I didn't find anything 
> decisive. Is there any possibility of login in the SPARQL endpoint? I am 
> thinking of some way of enabling certain users to update the content (e.g. 
> administrators) while leaving the rest of the users with only query 
> permissions. 
> 
> Thanks in advance, 
> 
> IKER ESNAOLA GONZALEZ 
> 
> Informazio-Sistema Adimenduen Unitatea 
> 
> Sistemas de Información Inteligentes 
> 
> Intelligent Information Systems Unit 
> 
> iker.esna...@tekniker.es 
> 
> +34 943 20 67 44 Ext: 9608 
> 
> PARKE TEKNOLOGIKOA 
> 
> C/ Iñaki Goenaga, 5 
> 
> 20600 Eibar, Gipuzkoa (Spain) 
> 
> Tel.: +34 943 20 67 44 
> 
> [3] [4] [5] [6] [7] 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1]
> 
> ___
> Virtuoso-users mailing list
> Virtuoso-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/virtuoso-users [2]
 

Links:
--
[1] http://sdm.link/slashdot
[2] https://lists.sourceforge.net/lists/listinfo/virtuoso-users
[3] https://www.youtube.com/user/Teknikertv
[4] https://twitter.com/ik4_tekniker
[5] https://www.flickr.com/people/teknikerik4/
[6] http://es.slideshare.net/teknikerik4
[7] http://issuu.com/ik4-tekniker
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Virtuoso-users mailing list
Virtuoso-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/virtuoso-users

Re: [Virtuoso-users] SPARQL endpoint Update permissions

2017-04-04 Thread Kingsley Idehen

On 4/4/17 9:54 AM, Iker Esnaola wrote:
>
> Hello,
>
>  
>
> I am trying to update my Graph by means of the SPARQL endpoint and the
> following query:
>
>  
>
> DELETE {?s rdf:type "A "}
> INSERT {?s rdf:type "B" }
> from 
> WHERE { ?s rdf:type "A"}
>
>  
>
> I am getting the following error: Virtuoso 42000 Error SR186:SECURITY:
> No permission to execute procedure
> DB.DBA.SPARQL_MODIFY_BY_DICT_CONTENTS with user ID 107, group ID 107
>
>  
>
> After giving SPARQL_UPDATE permissions to the “SPARQL” user, there is
> no such a problem and I am able to perform the query.
>
>  
>
> However, my SPARQL endpoint is public so this is not a good practice.
>
>  
>
> I have been looking for information in this matter but I didn’t find
> anything decisive. Is there any possibility of login in the SPARQL
> endpoint? I am thinking of some way of enabling certain users to
> update the content (e.g. administrators) while leaving the rest of the
> users with only query permissions.
>
>  
>
> Thanks in advance,
>

To cut a long story short, you will need attrtibute-based acls (ABAC)
which are part of the commercial edition of Virtuoso [1]. If you don't
want to exploit that degree of sophistication you can try role-based
acls (RBAC) via our Graph Security feature.


[1]
https://medium.com/virtuoso-blog/web-logic-sentences-and-the-magic-of-being-you-e2a719d01f73
-- End to End Example re. Attributed-based access control

[2]
https://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/VirtRDFGraphsSecurity
-- Role-based Graph Security

-- 
Regards,

Kingsley Idehen   
Founder & CEO 
OpenLink Software   (Home Page: http://www.openlinksw.com)

Weblogs (Blogs):
Legacy Blog: http://www.openlinksw.com/blog/~kidehen/
Blogspot Blog: http://kidehen.blogspot.com
Medium Blog: https://medium.com/@kidehen

Profile Pages:
Pinterest: https://www.pinterest.com/kidehen/
Quora: https://www.quora.com/profile/Kingsley-Uyi-Idehen
Twitter: https://twitter.com/kidehen
Google+: https://plus.google.com/+KingsleyIdehen/about
LinkedIn: http://www.linkedin.com/in/kidehen

Web Identities (WebID):
Personal: http://kingsley.idehen.net/dataspace/person/kidehen#this
: 
http://id.myopenlink.net/DAV/home/KingsleyUyiIdehen/Public/kingsley.ttl#this



smime.p7s
Description: S/MIME Cryptographic Signature
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Virtuoso-users mailing list
Virtuoso-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/virtuoso-users

[Virtuoso-users] SPARQL endpoint Update permissions

2017-04-04 Thread Iker Esnaola

Hello,

I am trying to update my Graph by means of the SPARQL endpoint and the 
following query:


DELETE {?s rdf:type "A "}

INSERT {?s rdf:type "B" }

from 

WHERE { ?s rdf:type "A"}


I am getting the following error: Virtuoso 42000 Error SR186:SECURITY: No 
permission to execute procedure DB.DBA.SPARQL_MODIFY_BY_DICT_CONTENTS with user 
ID 107, group ID 107

After giving SPARQL_UPDATE permissions to the “SPARQL” user, there is no such a 
problem and I am able to perform the query.

However, my SPARQL endpoint is public so this is not a good practice.

I have been looking for information in this matter but I didn’t find anything 
decisive. Is there any possibility of login in the SPARQL endpoint? I am 
thinking of some way of enabling certain users to update the content (e.g. 
administrators) while leaving the rest of the users with only query permissions.

Thanks in advance,

Iker Esnaola Gonzalez
Informazio-Sistema Adimenduen Unitatea
Sistemas de Información Inteligentes
Intelligent Information Systems Unit
iker.esna...@tekniker.es

+34 943 20 67 44  Ext: 9608

[LogoTEK_Firma2015.jpg]

PARKE TEKNOLOGIKOA
C/ Iñaki Goenaga, 5
20600 Eibar, Gipuzkoa (Spain)
Tel.: +34 943 20 67 44


[Youtube-.png][Twitter-.png][Flickr-.png][Slideshare-.png][Issuu--.png]

[LogoParke_Firma2015.png]









--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Virtuoso-users mailing list
Virtuoso-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/virtuoso-users

Re: [Virtuoso-users] SPARQL endpoint Update permissions

Re: [Virtuoso-users] SPARQL endpoint Update permissions

[Virtuoso-users] SPARQL endpoint Update permissions

3 matches

Site Navigation

Mail list logo

Footer information