How Can I execute INSERT/DELETE (SPARUL) statements against a WebID? protected SPARQL endpoint?
The following sample scenario demonstrates how to perform INSERT/DELETE (SPARUL) statements against a protected SPARQL Endpoint by setting WebID? Protocol ACLs using the Virtuoso Authentication Server UI:
- Obtain a WebID?:
- Download and install the ods_framework_dav.vad.
- Note: an existing ODS DataSpace user instance can also be used, for example at http://id.myopenlink.net/ods/
- Register an ODS Data Space user, for example with name "demo".
- The generated WebID? will be for example:
http://id.myopenlink.net/dataspace/person/demo#this
- Generate a Personal HTTP based Identifier for the "demo" user and then bind the personal Identifier to an X.509 Certificate, thereby giving assigning the user a WebID?.
- Download and install the ods_framework_dav.vad.
- Download and install the
conductor_dav.vadpackage, if not already installed. - Go to
http://<cname>:<port>/conductor, where<cname>:<port>are replaced by your local server values. - Go to System Admin -> Linked Data -> Access Control -> SPARQL-WebID?
- In the displayed form:
- Enter the Web ID for the user registered above, for example:
http://id.myopenlink.net/dataspace/person/demo#this
- Select "SPARQL Role": "UPDATE".
- Enter the Web ID for the user registered above, for example:
- Click the "Register" button.
- The WebID? Protocol ACL will be created:
- Go to the SPARQL+WebID? endpoint,
https://<cname>:<port>/sparql-webid, where<cname>:<port>are replaced by your local server values. - Select the user's certificate:
- The SPARQL Query UI will be displayed:
- Execute the query:
INSERT INTO GRAPH <http://mytest.com> { <s1> <p1> <o1> . <s2> <p2> <o2> . <s3> <p3> <o3> }
Note: If the SPARQL Role "Sponge" is set instead, in order to be able to execute DELETE/INSERT statements over the protected SPARQL Endpoint, the following grants need to be performed for the user, associated with the WebID? ACL Role:
grant execute on DB.DBA.SPARQL_INSERT_DICT_CONTENT to "demo"; grant execute on DB.DBA.SPARQL_DELETE_DICT_CONTENT to "demo";
References
- Safeguarding your Virtuoso-hosted SPARQL Endpoint
- SPARQL Endpoint Protection Methods Collection
- Virtuoso documentation
- Virtuoso Tips and Tricks Collection
- SPARUL over SPARQL using the http://cname:port/sparql-auth endpoint
- Virtuoso Authentication Server UI
- Manage a SPARQL-WebID based Endpoint
- Configure Virtuoso instance as an X.509 Certificate Authority and HTTPS listener
- Configure Virtuoso+ODS instance as an X.509 Certificate Authority and HTTPS listener
- WebID Protocol Support in OpenLink Data Spaces.
- Manage ODS Datadspaces Objects WebID? Access Control Lists (ACLs):
- Guide for Set up a X.509 certificate issuer and HTTPS listener and generate ODS user certificates.
- Setting up PubSubHub in ODS
- PubSubHubBub Demo Client Example
- Feed subscription via PubSubHub protocol Example
- Setting Up PubSubHub to use WebID Protocol or IP based control lists
- CA Keys Import using Conductor
- Generate an X.509 Certificate hosted WebID Guide
- Generate an X.509 Certificate (with a WebID watermark) to be managed by host operating system keystore
- Generate an X.509 Certificate (with a WebID watermark) to be managed by a browser-based keystore
- Using Virtuoso's WebID Verification Proxy Service with a WebID-bearing X.509 certificate
- Using Virtuoso's WebID Identity Provider (IdP) Proxy Service with an X.509 certificate
- ODS Briefcase WebID Protocol Share File Guide
- WebID Protocol Specification
- Test WebID Protocol Certificate page
- WebID Protocol Certificate Generation page