You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jena.apache.org by Zak Mc Kracken <za...@yahoo.it.INVALID> on 2016/11/10 16:59:49 UTC
Authentication of endpoints in federated queries
Hello everyone,
I need a federated SPARQL query, where the SERVICE endpoint requires
basic HTTP authentication (the one that is based on .htaccess and works
by sending user/pass to the server).
I cannot understand if this is possible in Jena and how. Some
documentation mentions the simpler case where you authenticate against
the main endpoint
(https://jena.apache.org/documentation/query/http-auth.html), does this
apply to SERVICE too? If yes, do I just need the ServiceAuthenticator?
(By the way, the link to
http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/ServiceAuthenticator.html
is broken in that page, I found it via browsing the code).
Thanks in advance,
Marco.
Re: Authentication of endpoints in federated queries
Posted by Zak Mc Kracken <za...@yahoo.it.INVALID>.
Cool!
I'll give it a try, thank you so much!
Marco.
On 10/11/2016 20:46, A. Soroka wrote:
> You can stay with 3.1.0 for the moment (obviously, you'll eventually want to upgrade to get all the other good things in 3.1.1 {grin}).
>
> For 3.1.0, please look at:
>
> https://jena.apache.org/documentation/query/service.html#controlling-service-requests
>
> and especially at the last paragraph:
>
> https://jena.apache.org/documentation/query/service.html#srvservicecontext
>
> In that paragraph is explained the mechanism by which you can "override system context settings on a per URI basis" (quoting from it). That's a way that you supply a specific username/password combo (aka srv:queryAuthUser/srv:queryAuthPwd combo) for a specific service at a specific URL. As the notes there say, you can do this either on a per-query basis (by passing in a Context, just as you surmised) or in the static ARQ context (which would make your config available to all queries).
>
> Does this help?
>
> ---
> A. Soroka
> The University of Virginia Library
>
Re: Authentication of endpoints in federated queries
Posted by "A. Soroka" <aj...@virginia.edu>.
You can stay with 3.1.0 for the moment (obviously, you'll eventually want to upgrade to get all the other good things in 3.1.1 {grin}).
For 3.1.0, please look at:
https://jena.apache.org/documentation/query/service.html#controlling-service-requests
and especially at the last paragraph:
https://jena.apache.org/documentation/query/service.html#srvservicecontext
In that paragraph is explained the mechanism by which you can "override system context settings on a per URI basis" (quoting from it). That's a way that you supply a specific username/password combo (aka srv:queryAuthUser/srv:queryAuthPwd combo) for a specific service at a specific URL. As the notes there say, you can do this either on a per-query basis (by passing in a Context, just as you surmised) or in the static ARQ context (which would make your config available to all queries).
Does this help?
---
A. Soroka
The University of Virginia Library
> On Nov 10, 2016, at 1:22 PM, Zak Mc Kracken <za...@yahoo.it> wrote:
>
> Hi Adam,
>
> thanks for your reply.
>
> I'm using 3.1.0, but upgrading shouldn't be a big deal. The question is how to use it. Is passing an authenticator to QueryExecutionFactory.sparqlService enogh? Will the authenticator be used with "SERVICE <url>", in addition to the endpoint sent as first parameter of this method?
>
> If that is the case, it would be fine for my use case, but what if the only endpoint needing authentication is the one mentioned by SERVICE? Can I specify credentials on a per-URL basis somehow? Via Context passed to ServiceAuthenticator?
>
> Marco
>
> On 10/11/2016 17:09, A. Soroka wrote:
>> We are currently refreshing that very documentation, but in the meantime I will help you directly. You _can_ use HTTP authN with SERVICE, it's just a question of how. The most important question is, what version of Jena are you using? (The reason those links don't work is exactly because we changed this part of the code with the recent release of 3.1.1.)
>>
>> ---
>> A. Soroka
>> The University of Virginia Library
>>
>
Re: Authentication of endpoints in federated queries
Posted by Zak Mc Kracken <za...@yahoo.it>.
Hi Adam,
thanks for your reply.
I'm using 3.1.0, but upgrading shouldn't be a big deal. The question is
how to use it. Is passing an authenticator to
QueryExecutionFactory.sparqlService enogh? Will the authenticator be
used with "SERVICE <url>", in addition to the endpoint sent as first
parameter of this method?
If that is the case, it would be fine for my use case, but what if the
only endpoint needing authentication is the one mentioned by SERVICE?
Can I specify credentials on a per-URL basis somehow? Via Context passed
to ServiceAuthenticator?
Marco
On 10/11/2016 17:09, A. Soroka wrote:
> We are currently refreshing that very documentation, but in the meantime I will help you directly. You _can_ use HTTP authN with SERVICE, it's just a question of how. The most important question is, what version of Jena are you using? (The reason those links don't work is exactly because we changed this part of the code with the recent release of 3.1.1.)
>
> ---
> A. Soroka
> The University of Virginia Library
>
Re: Authentication of endpoints in federated queries
Posted by "A. Soroka" <aj...@virginia.edu>.
We are currently refreshing that very documentation, but in the meantime I will help you directly. You _can_ use HTTP authN with SERVICE, it's just a question of how. The most important question is, what version of Jena are you using? (The reason those links don't work is exactly because we changed this part of the code with the recent release of 3.1.1.)
---
A. Soroka
The University of Virginia Library
> On Nov 10, 2016, at 11:59 AM, Zak Mc Kracken <za...@yahoo.it.INVALID> wrote:
>
> Hello everyone,
>
> I need a federated SPARQL query, where the SERVICE endpoint requires basic HTTP authentication (the one that is based on .htaccess and works by sending user/pass to the server).
>
> I cannot understand if this is possible in Jena and how. Some documentation mentions the simpler case where you authenticate against the main endpoint (https://jena.apache.org/documentation/query/http-auth.html), does this apply to SERVICE too? If yes, do I just need the ServiceAuthenticator? (By the way, the link to http://jena.apache.org/documentation/javadoc/arq/org/apache/jena/atlas/web/auth/ServiceAuthenticator.html is broken in that page, I found it via browsing the code).
>
> Thanks in advance,
> Marco.
>
>