Hi Rumi,
I have also tried:
grant execute on DB.DBA.SPARUL_LOAD_SERVICE_DATA to "SPARQL";
but still, user "SPARQL" cannot be used as vsp_user to expose a sparql
endpoint, I got:
404 page not found
Resource /sparql not found.Access to page is forbidden
Best,
Gang
On Tue, Feb 3, 2015 at 8:10 AM, Rumi <rtsek...@openlinksw.com> wrote:
> Hi Gang Fu,
>
> On 03-Feb-15 1:15 PM, Gang Fu wrote:
>
> Hi,
>
> I am using function vhost_define() to expose read-only sparql endpoint
> through another port (different from 8890) for security concern.
>
> I have two questions:
> 1) how can I expose a sparql endpoint using account other than 'dba'. I
> have tried to using vsp_user=>'SPARQL', but I got '404 cannot access' error
> when I tried the url. I also set the opts->(executable, 'yes'), this option
> seems to allow any vsp user to have execute permission, but it still does
> not work. I also tried to set user 'SPARQL' to administrator role, but
> still cannot work....
>
>
> Please try the steps from this guide: "Secure SPARQL Endpoint via SQL
> Accounts -- usage path digest authentication"
>
> Link:
> http://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/VirtSPARQLProtectSQLDigestAuthentication
>
> Related:
> -- Securing SPARQL endpoints:
> http://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/VirtTipsAndTricksGuideSPARQLEndpoints
> -- Securing your SPARQL Endpoint via OAuth:
> http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtOAuthSPARQL
> -- Securing your SPARQL Endpoint via WebID:
> http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLSecurityWebID
>
>
> 2) how can I know and configure the user account to use '/sparql'
> endpoint by default. The system table 'DB.DBA.HTTP_PATH' only shows that
> the vsp_user is 'dba', but it does not show the default user of that
> endpoint is 'SPARLQ' (ID=106). The documentation says the user is 'SPARLQ'
> for both '/sparql' and '/sparql-graph-crud', but I cannot find any system
> table for that. Our system team wants to audit that information.
>
>
> The name 'SPARQL' is a constant in the code of SPARQL web service endpoint
> pages ( /sparql and /sparql-auth ).
> Another name can be used if authentication function sets connection
> variable 'SPARQLUserId' to that name, for ex., placing inside
> authentication call:
>
> connection_set ('SPARQLUserId', 'SOME_USER_NAME');
>
>
> What you could try is to grant more roles to the user if needed, such as:
> SPARQL_LOAD_SERVICE_DATA or SPARQL_UPDATE, by granting directly to the
> user or, better, to SPARQL_SELECT, since the endpoint page will require
> that the user is member of SPARQL_SELECT group -- that's the minimal
> practical permission, however one can grant more permissions.
>
>
> Best Regards,
> Rumi Kocis
>
>
> Best,
> Gang
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
>
>
>
> _______________________________________________
> Virtuoso-users mailing
> listVirtuoso-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/virtuoso-users
>
>
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Virtuoso-users mailing list
Virtuoso-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/virtuoso-users
