Re: Security and Fuseki
Hello Andy, This is excellent news! Thank you and Mulesoft for supporting this! I will try out the graph-level access control and will let you know of our use case if it fits well. -- /Andrew On 2018-11-22 , at 15:59, Andy Seaborne mailto:a...@apache.org>> wrote: Greetings, Fuseki is getting access control security built into Fuseki itself. It will have: HTTPS support User authentication at the server HTTP access controls on the server, dataset and service endpoints Graph-level access control within an individual dataset If this is of interest to you, do make sure your use case is known and also see if the design works for you. This will be "experimental" in Jena 3.10.0 - that means it can change more than just incremental evolution. If there is no feedback, it won't change. Some draft documentation which is currently unfinished work-in-progress: http://jena.staging.apache.org/documentation/fuseki2/data-access-control.html I am very grateful to Mulesoft Inc., now part of Salesforce.com, Inc., for enabling me to do this work. Andy
Security and Fuseki
Greetings, Fuseki is getting access control security built into Fuseki itself. It will have: HTTPS support User authentication at the server HTTP access controls on the server, dataset and service endpoints Graph-level access control within an individual dataset If this is of interest to you, do make sure your use case is known and also see if the design works for you. This will be "experimental" in Jena 3.10.0 - that means it can change more than just incremental evolution. If there is no feedback, it won't change. Some draft documentation which is currently unfinished work-in-progress: http://jena.staging.apache.org/documentation/fuseki2/data-access-control.html I am very grateful to Mulesoft Inc., now part of Salesforce.com, Inc., for enabling me to do this work. Andy
Re: Jena Security and Fuseki
To use Jena Security with Fuseki you have Fuseki serve your Secured Models. (I don't know that his has been done but I did something very similar before I wrote the Security Module). It works like this: - Fuseki uses Jetty. - Jetty allows you to define the Authentication and Authorization provider via a filter. - Apache Shiro lets you plug almost any Authentication and Authorization provider into the system. - Jena Security required a SecurityEvaluator implementation. - The SecurityEvaluator can easily interface with Shiro to determine the currently logged in user. What this entails is: - Configuring Jetty to use Shiro. - Configuring Shiro to use your authentication and authorization mechanism. - Writing a SecurityEvaluator that uses Shiro to get user information. - Writing a Jena assembler for your SecurityEvaluator implementation. - Configuring Fuseki to serve the secured models as. Not exactly trivial as the configurations can be tricky, but not that hard either. I have this on my list of things to do as a demo and as a configuration for Fuseki. Claude On Tue, Jan 6, 2015 at 4:30 PM, Trevor Donaldson tmdona...@gmail.com wrote: Is it possible to use Jena Security with Fuseki? I am guessing no. If I needed this capability I would have to create my own fuseki server. Is this correct? -- I like: Like Like - The likeliest place on the web http://like-like.xenei.com LinkedIn: http://www.linkedin.com/in/claudewarren
Re: Jena Security and Fuseki
Thanks Claude On Tue, Jan 6, 2015 at 4:39 PM, Claude Warren cla...@xenei.com wrote: To use Jena Security with Fuseki you have Fuseki serve your Secured Models. (I don't know that his has been done but I did something very similar before I wrote the Security Module). It works like this: - Fuseki uses Jetty. - Jetty allows you to define the Authentication and Authorization provider via a filter. - Apache Shiro lets you plug almost any Authentication and Authorization provider into the system. - Jena Security required a SecurityEvaluator implementation. - The SecurityEvaluator can easily interface with Shiro to determine the currently logged in user. What this entails is: - Configuring Jetty to use Shiro. - Configuring Shiro to use your authentication and authorization mechanism. - Writing a SecurityEvaluator that uses Shiro to get user information. - Writing a Jena assembler for your SecurityEvaluator implementation. - Configuring Fuseki to serve the secured models as. Not exactly trivial as the configurations can be tricky, but not that hard either. I have this on my list of things to do as a demo and as a configuration for Fuseki. Claude On Tue, Jan 6, 2015 at 4:30 PM, Trevor Donaldson tmdona...@gmail.com wrote: Is it possible to use Jena Security with Fuseki? I am guessing no. If I needed this capability I would have to create my own fuseki server. Is this correct? -- I like: Like Like - The likeliest place on the web http://like-like.xenei.com LinkedIn: http://www.linkedin.com/in/claudewarren