Mark,
Those all do different security related things - which security problem
are you wanting to address?
Apache Shiro provides service-level ACLs (in Fuseki2, the shipped
configuration uses Shiro to restrict the admin interface to localhost).
It should provide LDAP and PKI controlled access tot he services if
setup correctly (see the Shiro documentation).
Tomcat Security Manager protects untrusted code in the JVM of Tomcat
e.g. JSPs.
jena-security is a framework data security models in RDF.
Andy
On 24/07/14 21:50, Mark Feblowitz wrote:
Emmm -
I just saw the note on layout and noticed jena-security and then found the page
on Jena Security (https://jena.apache.org/documentation/security/). And I’ve
also seen the reference to Apache Shiro.
So I can almost answer my own question. Let me rephrase:
Will there be any samples of how to configure Jena + Shiro + Tomcat? Config
files?
I’m betting that LDAP and PKI will be popular choices.
Thanks,
Mark
On Jul 24, 2014, at 4:21 PM, Mark Feblowitz <[email protected]> wrote:
I’m happy to see this work progressing. I expect it to be quite useful.
I was wondering whether there has been any discussion of security, taking
advantage of the Tomcat Security Manager (or other mechanisms?), and what that
might mean for Fuseki.
I have a little experience with this (very little) but can discuss with some
more knowledgable colleagues. I’ve already asked them for requirements for
controlled access and/or controls for updates.
Thanks,
Mark
On Jul 23, 2014, at 9:12 AM, Andy Seaborne <[email protected]> wrote:
On 23/07/14 12:13, Amira Sifaoui Ep Ghaddab wrote:
Hi,
I m working with TDB, Tomcat and Fuseki.
I want to store RDF data with TDB.
Tomcat is my server and Fuseki is the sparql endpoint.
I have tried to run Fuseki 1 with Tomcat but I discovred that Fuseki 2 is
the perfect solution : I want to run Fuseki as a web application under
Tomcat .
In this link http://people.apache.org/~andy/fuseki2/, I find the
documentation and the content of Fuseki server.
I've just put an update snapshot build there. This, as was the last one, is
not an offical Apache release.
I don't know how to start!!
In configuring Fuseki, you talked about file's configuration but I dont
find any file to configure.
Shoud I use the configuration files in Fuseki1 ??
See the draft documentation in fuseki-layout.md.
Fuseki2 looks for files in $FUSEKI_BASE area.
It is by default /etc/fuseki. (It's in the log file.)
It will read a Fuseki1-style config.ttl file.
It might be easier to start with the standalone server (there is an init.d
script as well), which picks files up from 'currently directory'/run then move
the files to the FUSEKI_BASE area for Tomcat.
Do try out the new admin UI (go http://localhost:3030/ if running on port 3030 standalone
or http://localhost/fuseki/ if installed into Tomcat as webapp "fuseki").
If anyone has advice and suggestions about Fuseki2 deployment, especially about
MSWindows (I don't have expereince of running services on Windows), please do
share that.
Andy
Thanks.
