[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16674211#comment-16674211
]
ASF GitHub Bot commented on JENA-1623:
--
GitHub user afs opened a pull request:
https://github.com/apache/jena/pull/486
JENA-1623 : Fuseki server and service access control
Includes authentication support. This is packaging up the Jetty facilities
to make them more accessible for typical usage in Fuseki.
Not included in this PR: https support (again, packaging of what is
available in Jetty).
With JENA-1595, the access control options are:
* server access control by user/password
* per-service (i.e. `rdf:type fuseki:Service`) access control
* graph-visibility level control for a read-only dataset; SPARQL Query,
including FROM/FROM NAMED, and Graph Store Protocol, including (it can be
updated by a different service, different access control, sharing the same
database). Works for all storage; it works efficiently with TDB1 and TDB2 to
filter quads coming out of the database.
Not provided (yet):
* endpoint access control (i.e. a particular operation within a service)
* per graph update (graph level access currently blocks update)
At the time of PR submission: there is one missing case yet to be done
which `SELECT * FROM { ?s ?p ?o }` and other special
graphs. The more correct/useful `GRAPH ` does work
correctly.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/afs/jena fuseki-access
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/jena/pull/486.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #486
commit df9f849122f18fc28d7ffa5704fcd0fb653b18cd
Author: Andy Seaborne
Date: 2018-10-31T10:33:01Z
Removed deprecated constructors in favour of the builder pattern.
commit 0a12d4e446c21b2272b1356cd204dfa52793286f
Author: Andy Seaborne
Date: 2018-11-01T09:37:10Z
Refactor the do-nothing DatasetGraphs.
commit 616072ed8547a5a353913556b8d70a27423ddd47
Author: Andy Seaborne
Date: 2018-11-01T18:46:06Z
Tidy up and maintenance.
commit 2c46f9af17585530902c949ea3220639e3243016
Author: Andy Seaborne
Date: 2018-11-01T18:46:56Z
Cope with non-existent graphs in "GRAPH ?g" loop.
commit 213677f50cdabb2b29f561d9dace11e1d8742ebd
Author: Andy Seaborne
Date: 2018-11-01T19:55:42Z
JENA-1594: Add authentication support (digest or basic).
Add support for FROM handling with graph-access-controlled datasets.
Code cleaning.
commit 35fa63eaece862271c661fb6e0bf4df2509d4037
Author: Andy Seaborne
Date: 2018-11-01T20:44:50Z
Merge branch 'master' into fuseki-access
Overlapping changes in SPARQL_QueryGeneral.java
commit 3790008a014ce6bf34961e052f0a11f95e3f1051
Author: Andy Seaborne
Date: 2018-11-02T12:03:31Z
Remove unused import.
commit 52f4edd7e5e1d633a84e37596c8ee0815425c0b0
Author: Andy Seaborne
Date: 2018-11-02T14:46:34Z
Maintainence.
commit 7f72fbf62a6b1268f42743bafd5f31ddb9f36c20
Author: Andy Seaborne
Date: 2018-11-02T17:15:04Z
JENA-1594: Add filtering for all operations.
commit d12b6e3fda14f8400144b2a2d5c492c6c2f1c536
Author: Andy Seaborne
Date: 2018-11-02T17:21:19Z
JENA-1623: Service authorization by HTTP authentication.
commit 2bb97e4e70a1fba5663772796a50cca2502860c7
Author: Andy Seaborne
Date: 2018-11-02T18:17:58Z
Refactor parsing and processing Fuseki configuration files.
commit b4bc12a9c6f2070e84ca55a526eeab1dfa675846
Author: Andy Seaborne
Date: 2018-11-02T18:18:18Z
Rename FusekiSystem as FusekiWebapp.
commit c66c263cf92bc3fee3b86146628b175745e4b8bb
Author: Andy Seaborne
Date: 2018-11-03T16:57:13Z
JENA-1623: Server authorization by HTTP authentication.
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by A
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16690637#comment-16690637 ] ASF GitHub Bot commented on JENA-1623: -- Github user asfgit closed the pull request at: https://github.com/apache/jena/pull/486 > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694693#comment-16694693 ] ASF GitHub Bot commented on JENA-1623: -- GitHub user afs opened a pull request: https://github.com/apache/jena/pull/492 JENA-1623: Endpoint access control lists This PR adds endpoint access control list, to go with the existing support for server and dataset ACLs. With endpoint ACLs, the configuration can give different permissions to query and update much more conveniently. You can merge this pull request into a Git repository by running: $ git pull https://github.com/afs/jena fuseki-access Alternatively you can review and apply these changes as the patch at: https://github.com/apache/jena/pull/492.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #492 commit ca7839362f3ce720e6e457e00d84b2c3a55168b3 Author: Andy Seaborne Date: 2018-11-19T23:58:51Z JENA-1623: Endpoint access control lists commit 070fae10908c46508b3454727e4a388640fbdb97 Author: Andy Seaborne Date: 2018-11-20T20:21:43Z JENA-1623: Endpoint access control lists tests > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694729#comment-16694729
]
ASF GitHub Bot commented on JENA-1623:
--
Github user rvesse commented on a diff in the pull request:
https://github.com/apache/jena/pull/492#discussion_r235394477
--- Diff:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/auth/AuthPolicy.java
---
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.jena.fuseki.auth;
+
+/**
+ * Policy for authorization to a resource.
+ * Assumes the user has already been authenticated.
+ */
+public interface AuthPolicy {
+/**
+ * Is the use authorized for this resource?
+ */
+public boolean isAllowed(String user);
+
+/**
+ * Is the use denied for this resource? Both {@linkplain #isAllowed}
and
+ * {@linkplain #isDenied} could be false if the policy does not knwo
one way of the
--- End diff --
Typo - `knwo` -> `know`
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694745#comment-16694745
]
ASF GitHub Bot commented on JENA-1623:
--
Github user rvesse commented on a diff in the pull request:
https://github.com/apache/jena/pull/492#discussion_r235395467
--- Diff:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/build/FusekiBuilder.java
---
@@ -70,16 +69,42 @@ public static void populateStdServices(DataService
dataService, boolean allowUpd
/** Add an operation to a {@link DataService} with a given endpoint
name */
public static void addServiceEP(DataService dataService, Operation
operation, String endpointName) {
-dataService.addEndpoint(operation, endpointName) ;
+dataService.addEndpoint(operation, endpointName) ;
+}
+
+/** Add an operation to a {@link DataService} with a given endpoint
name */
+public static void addServiceEP(DataService dataService, Operation
operation, String endpointName, AuthPolicy requestAuth) {
+dataService.addEndpoint(operation, endpointName, requestAuth) ;
}
public static void addServiceEP(DataService dataService, Operation
operation, Resource svc, Property property) {
String p = "<"+property.getURI()+">" ;
ResultSet rs = FusekiBuildLib.query("SELECT * { ?svc " + p + "
?ep}", svc.getModel(), "svc", svc) ;
for ( ; rs.hasNext() ; ) {
QuerySolution soln = rs.next() ;
-String epName = soln.getLiteral("ep").getLexicalForm() ;
-addServiceEP(dataService, operation, epName);
+AuthPolicy requestAuth = null;
--- End diff --
Should this be getting populated with a non-null value here? Or is the
intention to set to `null` by default and then potentially load in the auth
policy later elsewhere?
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694747#comment-16694747
]
ASF GitHub Bot commented on JENA-1623:
--
Github user rvesse commented on a diff in the pull request:
https://github.com/apache/jena/pull/492#discussion_r235398663
--- Diff:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/build/FusekiBuilder.java
---
@@ -70,16 +69,42 @@ public static void populateStdServices(DataService
dataService, boolean allowUpd
/** Add an operation to a {@link DataService} with a given endpoint
name */
public static void addServiceEP(DataService dataService, Operation
operation, String endpointName) {
-dataService.addEndpoint(operation, endpointName) ;
+dataService.addEndpoint(operation, endpointName) ;
+}
+
+/** Add an operation to a {@link DataService} with a given endpoint
name */
+public static void addServiceEP(DataService dataService, Operation
operation, String endpointName, AuthPolicy requestAuth) {
+dataService.addEndpoint(operation, endpointName, requestAuth) ;
}
public static void addServiceEP(DataService dataService, Operation
operation, Resource svc, Property property) {
String p = "<"+property.getURI()+">" ;
ResultSet rs = FusekiBuildLib.query("SELECT * { ?svc " + p + "
?ep}", svc.getModel(), "svc", svc) ;
for ( ; rs.hasNext() ; ) {
QuerySolution soln = rs.next() ;
-String epName = soln.getLiteral("ep").getLexicalForm() ;
-addServiceEP(dataService, operation, epName);
+AuthPolicy requestAuth = null;
--- End diff --
Looks like `FusekiBuilder` populates this at a later stage so maybe a
comment to that effect here?
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694870#comment-16694870
]
ASF GitHub Bot commented on JENA-1623:
--
Github user afs commented on a diff in the pull request:
https://github.com/apache/jena/pull/492#discussion_r235441879
--- Diff:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/build/FusekiBuilder.java
---
@@ -70,16 +69,42 @@ public static void populateStdServices(DataService
dataService, boolean allowUpd
/** Add an operation to a {@link DataService} with a given endpoint
name */
public static void addServiceEP(DataService dataService, Operation
operation, String endpointName) {
-dataService.addEndpoint(operation, endpointName) ;
+dataService.addEndpoint(operation, endpointName) ;
+}
+
+/** Add an operation to a {@link DataService} with a given endpoint
name */
+public static void addServiceEP(DataService dataService, Operation
operation, String endpointName, AuthPolicy requestAuth) {
+dataService.addEndpoint(operation, endpointName, requestAuth) ;
}
public static void addServiceEP(DataService dataService, Operation
operation, Resource svc, Property property) {
String p = "<"+property.getURI()+">" ;
ResultSet rs = FusekiBuildLib.query("SELECT * { ?svc " + p + "
?ep}", svc.getModel(), "svc", svc) ;
for ( ; rs.hasNext() ; ) {
QuerySolution soln = rs.next() ;
-String epName = soln.getLiteral("ep").getLexicalForm() ;
-addServiceEP(dataService, operation, epName);
+AuthPolicy requestAuth = null;
--- End diff --
Yes - the authorization setup needs to be passed out of the "else" arm of
the if it is found, otherwise it is "no AuthPolicy". Java scope issue. "null"
means "no value seen in the configuration".
An alternative would have been to always have an executable AuthPolicy even
if it's "anyone, unauthenticated or not".
For keeping track of setup, which can be become quite complicated, I found
it slightly easier to use a null as "this hasn't been set" rather than use a
marker AuthPolicy.
Comment added.
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[
https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694869#comment-16694869
]
ASF GitHub Bot commented on JENA-1623:
--
Github user afs commented on a diff in the pull request:
https://github.com/apache/jena/pull/492#discussion_r235441851
--- Diff:
jena-fuseki2/jena-fuseki-core/src/main/java/org/apache/jena/fuseki/auth/AuthPolicy.java
---
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.jena.fuseki.auth;
+
+/**
+ * Policy for authorization to a resource.
+ * Assumes the user has already been authenticated.
+ */
+public interface AuthPolicy {
+/**
+ * Is the use authorized for this resource?
+ */
+public boolean isAllowed(String user);
+
+/**
+ * Is the use denied for this resource? Both {@linkplain #isAllowed}
and
+ * {@linkplain #isDenied} could be false if the policy does not knwo
one way of the
--- End diff --
Done
> Fuseki: Provide server and service access control.
> --
>
> Key: JENA-1623
> URL: https://issues.apache.org/jira/browse/JENA-1623
> Project: Apache Jena
> Issue Type: Task
> Components: Fuseki
>Affects Versions: Jena 3.9.0
>Reporter: Andy Seaborne
>Assignee: Andy Seaborne
>Priority: Major
> Fix For: Jena 3.10.0
>
>
> Provide password-controlled access to server as whole and also on a
> per-service basis.
> This should include "any logged in user" as well as named users.
> This goes along JENA-1595 which is graph-level access control - that already
> assumes authentication to get the user.
> This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when
> the webapp container (e.g. tomcat) is providing the authentication and access
> control.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16695812#comment-16695812 ] ASF subversion and git services commented on JENA-1623: --- Commit 78affd221010a51bbee43fe0c7d22ae0804e91d6 in jena's branch refs/heads/master from [~an...@apache.org] [ https://git-wip-us.apache.org/repos/asf?p=jena.git;h=78affd2 ] JENA-1623: Merge commit 'refs/pull/492/head' of https://github.com/apache/jena This closes #492. > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16695810#comment-16695810 ] ASF subversion and git services commented on JENA-1623: --- Commit ca7839362f3ce720e6e457e00d84b2c3a55168b3 in jena's branch refs/heads/master from [~an...@apache.org] [ https://git-wip-us.apache.org/repos/asf?p=jena.git;h=ca78393 ] JENA-1623: Endpoint access control lists > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16695813#comment-16695813 ] ASF subversion and git services commented on JENA-1623: --- Commit 35c1c36557a0c5366374e6ba2202b169b35d5023 in jena's branch refs/heads/master from [~an...@apache.org] [ https://git-wip-us.apache.org/repos/asf?p=jena.git;h=35c1c36 ] JENA-1623: Comment about server section was not correct > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16695811#comment-16695811 ] ASF subversion and git services commented on JENA-1623: --- Commit 070fae10908c46508b3454727e4a388640fbdb97 in jena's branch refs/heads/master from [~an...@apache.org] [ https://git-wip-us.apache.org/repos/asf?p=jena.git;h=070fae1 ] JENA-1623: Endpoint access control lists tests > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (JENA-1623) Fuseki: Provide server and service access control.
[ https://issues.apache.org/jira/browse/JENA-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16695814#comment-16695814 ] ASF GitHub Bot commented on JENA-1623: -- Github user asfgit closed the pull request at: https://github.com/apache/jena/pull/492 > Fuseki: Provide server and service access control. > -- > > Key: JENA-1623 > URL: https://issues.apache.org/jira/browse/JENA-1623 > Project: Apache Jena > Issue Type: Task > Components: Fuseki >Affects Versions: Jena 3.9.0 >Reporter: Andy Seaborne >Assignee: Andy Seaborne >Priority: Major > Fix For: Jena 3.10.0 > > > Provide password-controlled access to server as whole and also on a > per-service basis. > This should include "any logged in user" as well as named users. > This goes along JENA-1595 which is graph-level access control - that already > assumes authentication to get the user. > This is for Fuseki main, not Fuseki webapp. Fuseki webapp is suitable when > the webapp container (e.g. tomcat) is providing the authentication and access > control. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
