[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.

Wed, 21 Nov 2018 06:04:44 -0800 


    [ 
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694745#comment-16694745
 ] 

ASF GitHub Bot commented on JENA-1623:
--------------------------------------

Github user rvesse commented on a diff in the pull request:

    https://github.com/apache/jena/pull/492#discussion_r235395467
  
    --- Diff: 
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/build/FusekiBuilder.java
 ---
    @@ -70,16 +69,42 @@ public static void populateStdServices(DataService 
dataService, boolean allowUpd
     
         /** Add an operation to a {@link DataService} with a given endpoint 
name */
         public static void addServiceEP(DataService dataService, Operation 
operation, String endpointName) {
    -        dataService.addEndpoint(operation, endpointName) ; 
    +        dataService.addEndpoint(operation, endpointName) ;
    +    }
    +
    +    /** Add an operation to a {@link DataService} with a given endpoint 
name */
    +    public static void addServiceEP(DataService dataService, Operation 
operation, String endpointName, AuthPolicy requestAuth) {
    +        dataService.addEndpoint(operation, endpointName, requestAuth) ;
         }
     
         public static void addServiceEP(DataService dataService, Operation 
operation, Resource svc, Property property) {
             String p = "<"+property.getURI()+">" ;
             ResultSet rs = FusekiBuildLib.query("SELECT * { ?svc " + p + " 
?ep}", svc.getModel(), "svc", svc) ;
             for ( ; rs.hasNext() ; ) {
                 QuerySolution soln = rs.next() ;
    -            String epName = soln.getLiteral("ep").getLexicalForm() ;
    -            addServiceEP(dataService, operation, epName); 
    +            AuthPolicy requestAuth = null;
    --- End diff --
    
    Should this be getting populated with a non-null value here?  Or is the 
intention to set to `null` by default and then potentially load in the auth 
policy later elsewhere?


> Fuseki: Provide server and service access control.
> --------------------------------------------------
>
>                 Key: JENA-1623
>                 URL: https://issues.apache.org/jira/browse/JENA-1623
>             Project: Apache Jena
>          Issue Type: Task
>          Components: Fuseki
>    Affects Versions: Jena 3.9.0
>            Reporter: Andy Seaborne
>            Assignee: Andy Seaborne
>            Priority: Major
>             Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a 
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already 
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when 
> the webapp container (e.g. tomcat) is providing the authentication and access 
> control.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to