I agree. I should explain a little more what I am trying to do and then maybe someone can tell me if there is another way. I am using fuseki2 with Jena Security. I am using triple level security. For example, don't want users to see payroll info for John Doe but they can see John's name etc... I have the following workflow (Fuseki2, ssl, tomcat):
User Request data -> Authenticate user cert / roles -> Fuseki2 -> jena security (need to validate triples based on user that requested here) -> return data that only the user can see. The problem is that Fuseki2 thinks the user that is requesting access to a triple is the server when in reality it is the user. In order to get around this I was planning on using a Http Header and pass the username in the header. I don't know another way to accomplish this. If anyone does please let me know. On Mon, Jan 26, 2015 at 6:46 PM, Rob Vesse <[email protected]> wrote: > Well it isn't exactly a common user request (you're the first in the 3.5 > years or so I've been actively contributing to Jena) hence the lack of any > user friendly API for this > > If you think this is something you'd need to do regularly then we can > always add an API for it. > > QueryExecutionFactory.sparqlService() always returns an instance of > QueryEngineHTTP so you can always cast the QueryExecution you get from the > sparqlService() call to this and then use specific method calls on > QueryEngineHTTP to configure it further. However right now there aren't > any method calls that would let you add HTTP headers, there are those that > let you add additional request parameters (e.g. to pass custom parameters > to endpoints e.g. server side timeouts) so adding complimentary APIs for > HTTP headers would make sense. > > It would perhaps be useful to understand why you need to add custom HTTP > headers in the first place? > > Rob > > On 26/01/2015 14:57, "Trevor Donaldson" <[email protected]> wrote: > > >Wow... ok. No clue how to do that. Guess I need to lookup custom request > >interceptor > >On Jan 26, 2015 5:49 PM, "Rob Vesse" <[email protected]> wrote: > > > >> Yes though not in any particular user friendly way > >> > >> The only way you can do it currently is by using the HttpAuthenticator > >> subsystem (https://jena.apache.org/documentation/query/http-auth.html) > >>and > >> passing an instance of a custom authenticator that you wrote yourself to > >> the QueryExecutionFactory.sparqlService() call > >> > >> The custom authenticator could take the AbstractHttpClient instance it > >> receives and add a request interceptor that would add in the necessary > >> headers to the outgoing requests though would need to be careful not to > >> register itself multiple times since client instances can be reused. > >> > >> Rob > >> > >> On 26/01/2015 13:01, "Trevor Donaldson" <[email protected]> wrote: > >> > >> >I would like to add some Http Headers to the request that is made by > >> >QueryExecutionFactory.sparqlService. Is this possible? Thanks > >> > >> > >> > >> > >> > > > > >
