On 4/13/16 1:56 AM, rene....@kws.com wrote: > Hello > > Thanks for your answer. I am already familiar with graph security but what is > still unclear to me is what user is used for the faceted search. Since no > login is required and all graphs are visible via the search I assume it is > dba? Is there are way to change this? > > - René
You solve this problem by adding name graphs to be protected to a graph
group for protected named graphs.
Making a Named Graph Private (i.e., inaccessible to user 'nobody' which
identifies the unidentified service user):
-- Clearout perms set for 'nobody'
DB.DBA.RDF_ALL_USER_PERMS_DEL ('nobody') ;
DB.DBA.RDF_GRAPH_GROUP_INS
('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs','{named-graph-iri')
;
-- Ensure 'nobody' doesn't have access to protected / private named graphs
-- Read privileges for 'nobody' on 'world' named graphs where "1" is for
private graphs
DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 0, 1);
-- Grant Read privileges for 'nobody' on publicly accessible ('world')
named graphs where "0" is for public graphs
DB.DBA.RDF_DEFAULT_USER_PERMS_SET ('nobody', 7, 0);
-- Graph Security Integrity Check
RDF_GRAPH_SECURITY_AUDIT ( 0 ) ;
Kingsley
>
>> -----Ursprüngliche Nachricht-----
>> Von: Kingsley Idehen [mailto:kide...@openlinksw.com]
>> Gesendet: Dienstag, 12. April 2016 20:43
>> An: virtuoso-users@lists.sourceforge.net
>> Betreff: Re: [Virtuoso-users] Limit access to Faceted Search
>>
>> On 4/12/16 10:48 AM, rene....@kws.com wrote:
>>> Hello
>>>
>>> Is it possible to limit the access to the faceted search based on user
>>> login?
>> Ideally, the search would only display results from graphs the user has read
>> access to.
>>> I am using the commercial edition of Virtuoso and only the Conductor and fct
>> VADs are installed. There are already some graphs and users in place. The
>> /sparql
>> endpoint is disabled and only /sparql-auth is available. Nevertheless, /fct
>> shows all
>> data without login...
>>> Best regards
>>> René
>>>
>>> -- Dr. René Rex - - - - - - - - - - - - - - - - - - - - - - - - - - -
>>> - - - - - - - - - - - - - - - - - Bioinformatician, RD-DM
>>> Bioinformatics KWS SAAT SE, Grimsehlstraße 31, 37555 Einbeck Tel. +49
>>> (0) 5561/311-1341 Fax +49 (0) 5561/311-1063 E-Mail: rene....@kws.com
>>> http://www.kws.com KWS SAAT SE Chairman of the Supervisory Board |
>>> Vorsitzender des Aufsichtsrates: Andreas J. Büchting Executive Board |
>>> Vorstand: Hagen Duenbostel (CEO | Sprecher), Léon Broers, Peter
>>> Hofmann, Eva Kienle Company Headquarters | Sitz der Gesellschaft:
>>> Einbeck Registry Court | Registergericht: Göttingen, HRB 204567 - - -
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>>> - - - - - -
>> Hi Rene,
>>
>> You need to use Graph Security to control access to named graphs [1], in the
>> most basic sense. Ultimately, you need fine-grained attribute-based access
>> controls which is part of the commercial edition product.
>>
>> [1]
>> http://docs.openlinksw.com/virtuoso/rdfgraphsecurity.html#rdfgraphsecuritylevel
>> [2]
>> http://www.slideshare.net/kidehen/how-virtuoso-enables-attributed-based-access-
>> controls
>> .
>>
>> --
>> Regards,
>>
>> Kingsley Idehen
>> Founder & CEO
>> OpenLink Software
>> Company Web: http://www.openlinksw.com
>> Personal Weblog 1: http://kidehen.blogspot.com Personal Weblog 2:
>> http://www.openlinksw.com/blog/~kidehen
>> Twitter Profile: https://twitter.com/kidehen
>> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
>> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>> Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
>>
>
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> _______________________________________________
> Virtuoso-users mailing list
> Virtuoso-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/virtuoso-users
>
--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________ Virtuoso-users mailing list Virtuoso-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/virtuoso-users
