Hiya, For the first time in ages I've got a host, want Fuseki as my main backend but am struggling with aspects related to security. Some specific issues, but broader problems, seems likely other folks have dealt with them already. (I have no idea of current best practices, even less on security in general). Mostly not Fuseki-specific...
I've got Fuseki running happily on the server - behind a reverse proxy on Apache, a XAMPP* install on Ubuntu. I would like to leave the endpoints open for read, restricted write. Right now may be totally visible at http://hyperdata.it:3030, creds: admin sasha. The twistiest issue: I'm serving a page, https://hyperdata.it/newsmonitor/river.html which includes an Ajax query to a SPARQL endpoint on Fuseki. I have an SSL certificate on the server. Browser balks. Straight http called inside page served over https not liked. Something like 'mixed messages'. Do I really have to pay for another certificate to cover port 3030? Workaround? More general question is how to manage sitewide access control. Ideally I'd like something that behaves like common sites, with read-only for anonymous and some writing available for registered users. Hooks into OAuth2 or whatever would be nice, sign in via Google or whatever... Has anyone used (bits of) Solid as a manager for these things? Yeah, I want it to be magic. Cheers, Danny. * Although I found the XAMPP install very easy for setting up a Wordpress blog, the Apache setup is not like the standard Ubuntu version. Very confusing when I wanted to go beyond that, seemingly arbitrary config files included in unfamiliar places. -- ---- http://hyperdata.it <http://hyperdata.it/danja>
