1

I have set up a SPARQL endpoint on a public server with Jena Fuseki and i've uploaded my open data into it.

So i want users to be able to directly query the dataset without any authentication and in the the same time not being able to manipulate my data in the endpoint ( create new dataset , adding data to my dataset ect .. )

i've tried to do that with the shiro.ini with a basic auth of username and password , but that blocks everything even the query for the users.

Any help would be greatly appreciated

Abaki Elfo
  • 19
  • 2
  • 1
    One way is to provide a server configuration file that describes the services offered. Or for datasets create dby UI, edit the generated one. http://jena.apache.org/documentation/fuseki2/fuseki-configuration.html. Remove the update services. – AndyS Dec 20 '18 at 22:08
  • I have already done that , i am using the Read-only service in my configuration without the upload & update services – Abaki Elfo Dec 23 '18 at 07:38
  • Then if shiro is blocking the URLs, shiro rules are too strict. Or do you mean the UI functions such as the query form? If so, find the URl pattern and allow that. – AndyS Dec 23 '18 at 18:53
  • Yes i'am talking about the UI functions that i can't block with shiro such as removing & creating datasets while these functions are specific for administrator in general – Abaki Elfo Dec 24 '18 at 13:27
  • These are the URLs of operations to block or not as required: http://jena.apache.org/documentation/fuseki2/fuseki-server-protocol.html – AndyS Dec 24 '18 at 17:23
  • That's worked for me with the /$/datasets .. Thanks – Abaki Elfo Dec 26 '18 at 14:39

1 Answers1

0

Public read but not write access should be the default setting, see the Fuseki security documentation.

In its default configuration, SPARQL endpoints are open to the public but administrative functions are limited to localhost

I assume that graph deletion and upload counts as "administrative function". To be sure that modification over SPARUL queries is blocked as well, please try adding a triple outside of localhost with the following query:

INSERT DATA INTO <mygraph> { <test1> <test2> <test3>.}
Konrad Höffner
  • 11,100
  • 16
  • 60
  • 118
  • it's true but once you move out from localhost to web server you should change the configuration file (shiro.ini) otherwise all funcion will be restricted. see here : https://stackoverflow.com/questions/43685530/fuseki-webinterface-does-not-show-datasets – Abaki Elfo Dec 23 '18 at 07:47