Peter; Extensions for security for SPARQL 1.1 are probably too late in the process, but you can check with the W3C committee.
Re-generating a key doesn't sound like a good solution to me. Unless I'm misunderstanding the technique, if there were 35 SERVICE queries in your application, then you'd have to make 35 changes to the SERVICE URI each time a new key is generated. Possibly labor-intensive and error-prone. Really, it's most secure and most convenient to leave authentication to the Web application container. Thanks for the inquiry and we will look into various issues for accessing secure SPARQL endpoints for 3.6.1. -- Scott On Mar 20, 8:27 am, Peter Lawrence <[email protected]> wrote: > Scott > > Thanks for the response, albeit disappointing. > > To defend Dydra I should clarify that the > XYZ123456<http://[email protected]/peterlawrence/test/sparql> I > used in the example is not a password but a temporary authentication > identifier. I can get Dydra to regenerate a new key at anytime. Still not > 100% secure but does provide some level of security for a SPARQL endpoint. > After all other endpoints have no security at all. > > As we all trying to merge information from multiple endpoints, fulfilling > the promise of an open data world empowered by RDF, perhaps this should be > an extension of the SPARQL1.1 SERVICE definition, as it is a problem that > is likely to reoccur. > > Thanks for the help > > Peter > > > > > > > > On Friday, March 16, 2012 10:53:33 AM UTC-4, Peter Lawrence wrote: > > > I am trying to access an external SPARQL endpoint (Dydra) that requires > > authentication from with a TB SPARQL query such as > > > SELECT ?s ?p ?o > > WHERE { > > SERVICE <http:// [email protected]/peterlawrence/test/sparql> > > { ?s ?p ?o > > } > > } > > > Unfortunately none of the authentication schemes offered by the endpoint > > seems to work. The authentication takes the form of > > > http://[email protected]/peterlawrence/test/sparql > > > or with a fake password > > > http://XYZ123456:[email protected]/peterlawrence/test/sparql > > > or as a query string parameter: > > >http://dydra.com/peterlawrence/test/sparql?auth_token=XYZ123456 > > > or as username:password > > > http://peterlawrence:[email protected]/peterlawrence/test/sparql > > > Any suggestions? > > > Many thanks -- You received this message because you are subscribed to the Google Group "TopBraid Suite Users", the topics of which include Enterprise Vocabulary Network (EVN), TopBraid Composer, TopBraid Live, TopBraid Ensemble, SPARQLMotion and SPIN. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/topbraid-users?hl=en
