There is some documentation about combining Shiro with jena-permissions available here:
https://jena.apache.org/documentation/permissions/example.html The extent to which that will be useful to you may be limited to the extent to which you can fit the patterns of usage you want to control into the dataset/graph/triple framework over which jena-permissions works. --- A. Soroka The University of Virginia Library > On Mar 26, 2017, at 9:58 AM, A. Soroka <aj...@email.virginia.edu> wrote: > > You have Apache Shiro available for coarse authorization action on the > endpoint, but that will not do much for you if you need to act differently > according to the parsed query. > > Claude, could jena-permissions be used here for some cases? > > --- > A. Soroka > The University of Virginia Library > >> On Mar 26, 2017, at 8:04 AM, Laura Morales <laure...@mail.com> wrote: >> >> I'd like to make one of my SPARQL endpoints publicly accessible through a >> REST API. The problem however, is that SPARQL is a very expressive language, >> and it's too easy to abuse it with complex, unoptimized queries. >> I'm wondering if there's any "filter" that can be applied on the HTTP >> request in order to limit what the user can do; for example "allow nodes >> traversal only" or "return MAX results at most" etc. >