Hi there, I'm looking for a more fine-grained way to control read/write access on the Virtuoso SPARQL endpoint. At the moment, I have two web-based applications using the same Virtuoso triple store, accessed through the SPARQL endpoint. One of these applications needs to be able to modify data in the triple store and one does not.
So, is it possible to protect only a subset of data in the triple store from being modified or deleted? The logical division is at the graph level, but I'd be happy with anything. In my search for a solution, I came across the following snippet: "you have to take away SPARQL_UPDATE away from user SPARQL and then assign this to a secure User or Role. Once assigned you can then create a different SPARQL endpoint (for controlled access) that is then associated with the secure User" In the solution described above, is it the case that both SPARQL endpoints have access to the same data? If so, this isn't really a viable solution to my problem, since the one application could still (accidentally or maliciously) delete data the other application depended on. Currently, what we're doing is running two separate instances of Virtuoso, but this is cumbersome and I'd really hoped to replace it with some sort of finer-grained permission. Any ideas? Thanks, Luke
