This HTML5 document contains 35 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

PrefixNamespace IRI
dctermshttp://purl.org/dc/terms/
atomhttp://atomowl.org/ontologies/atomrdf#
foafhttp://xmlns.com/foaf/0.1/
n9http://vos.openlinksw.com/dataspace/services/wiki/
oplhttp://www.openlinksw.com/schema/attribution#
n2http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/
dchttp://purl.org/dc/elements/1.1/
n14http://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/
n12http://vos.openlinksw.com/dataspace/dav#
rdfshttp://www.w3.org/2000/01/rdf-schema#
n8http://rdfs.org/sioc/services#
siocthttp://rdfs.org/sioc/types#
n4http://vos.openlinksw.com/dataspace/person/dav#
n10http://vos.openlinksw.com/dataspace/owiki/wiki/
n19http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/VirtWTDVALACLCreation/sioc.
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n6http://vos.openlinksw.com/dataspace/owiki#
xsdhhttp://www.w3.org/2001/XMLSchema#
n16http://vos.openlinksw.com/dataspace/%28NULL%29/wiki/VOS/
n20http://vos.openlinksw.com/dataspace/person/owiki#
siochttp://rdfs.org/sioc/ns#
Subject Item
n4:this
foaf:made
n2:VirtWTDVALACLCreation
Subject Item
n12:this
sioc:creator_of
n2:VirtWTDVALACLCreation
Subject Item
n9:item
n8:services_of
n2:VirtWTDVALACLCreation
Subject Item
n6:this
sioc:creator_of
n2:VirtWTDVALACLCreation
Subject Item
n10:VOS
sioc:container_of
n2:VirtWTDVALACLCreation
atom:entry
n2:VirtWTDVALACLCreation
atom:contains
n2:VirtWTDVALACLCreation
Subject Item
n2:VirtWTDVALACLCreation
rdf:type
sioct:Comment atom:Entry
dcterms:created
2018-04-13T12:09:49.380360
dcterms:modified
2019-07-11T07:03:48.287391
rdfs:label
VirtWTDVALACLCreation
foaf:maker
n4:this n20:this
dc:title
VirtWTDVALACLCreation
opl:isDescribedUsing
n19:rdf
sioc:has_creator
n12:this n6:this
sioc:content
%META:TOPICPARENT{name="VirtWTDStepByStepConfigGuide"}% ---++ WebID+TLS+Delegation VAL ACL Creation The VAL ACLs to be applied to the Virtuoso server instance allowing SPARQL query access rights to specified named graphs against the Default(HTTP) & SQL Realms, can now be created and loaded into the Virtuoso server. The following sample script file allows SPARQL query access rights via the HTTP & SQL interfaces. See the online documentation for more details on [[http://virtuoso.openlinksw.com/dataspace/doc/dav/wiki/Main/ValQuickStartGuide][VAL ACL configuration]]. Note the references to <code><nowiki>{URIQA-DefaultHost-INI-file-setting}</nowiki></code> in the script needs to be set to the same value as the URIQA <code><nowiki>DefaultHost</nowiki></code> setting in the INI (virtuoso.ini) file. <verbatim> C:\Program Files\OpenLink Software\Virtuso 7.2\database> type loadacl.sql -- Goal: -- Restrict access to a specific named graph. In this case you have a named -- graph IRI derived from each turtle document url in your RDF dump. -- ACL Rules Declaration Script run via Virtuosos iSQL interface: -- Make Public Graph Private by adding it to Private Named Graph Group DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs','OpenPermID-bulk-assetClass-20151111_095807.ttl.gz') ; DB.DBA.RDF_GRAPH_GROUP_INS ('http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs','OpenPermID-bulk-industry-20151111_095806.ttl.gz') ; -- Conditional Group Description HTTP Realm -- Cleanup SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> DELETE { <#groupBasicNetID> ?p ?o . } WHERE { <#groupBasicNetID> ?p ?o . } ; -- Conditional Group Definition SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> INSERT { <#groupBasicNetID> a <http://www.openlinksw.com/ontology/acl#ConditionalGroup> ; <http://xmlns.com/foaf/0.1/name> "Identities Denoted using a NetID based Identifier" ; <http://www.openlinksw.com/ontology/acl#hasCondition> [ a <http://www.openlinksw.com/ontology/acl#GroupCondition>, <http://www.openlinksw.com/ontology/acl#GenericCondition> ; <http://www.openlinksw.com/ontology/acl#hasCriteria> <http://www.openlinksw.com/ontology/acl#NetID> ; <http://www.openlinksw.com/ontology/acl#hasComparator> <http://www.openlinksw.com/ontology/acl#IsNotNull> ; <http://www.openlinksw.com/ontology/acl#hasValue> 1 ] . } ; -- Clear ACL Cache VAL.DBA.clear_graph_acl_cache() ; -- Generic Default Realm (HTTP) Access to SPARQL with Sponger enabled. -- Cleanup SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> DELETE { <#NetIDSpongerAccessRule1> ?p ?o . } WHERE { <#NetIDSpongerAccessRule1> ?p ?o . } ; -- ACL Definition SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> INSERT { <#NetIDSpongerAccessRule1> a acl:Authorization ; rdfs:label "Read & Sponger Access Authorization for NetIDs" ; rdfs:comment """This ACL rule grants Sponger access to any identity denoted by a URI where identity claims are de-referenced and then verified using a variety of authentication protocols e.g., HTTP Digest, TLS basic, OAuth, WebID-TLS, OpenID, or Mozilla Persona """ ; foaf:maker <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> ; acl:accessTo <urn:virtuoso:access:sparql> ; oplacl:hasAccessMode oplacl:Read, oplacl:Sponge ; acl:agent <#groupBasicNetID> ; oplacl:hasRealm oplacl:DefaultRealm ; oplacl:hasScope oplacl:Query . } ; -- Declare DeaultRealm (HTTP) ACL -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> DELETE { <#HttpTLSPrivateNamedGraphRule1> ?p ?o . } WHERE { <#HttpTLSPrivateNamedGraphRule1> ?p ?o . } ; -- ACL Definition -- Protection of Private Named Graph identified by IRI: <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> INSERT { <#HttpTLSPrivateNamedGraphRule1> a acl:Authorization ; rdfs:label "Private Named Graph ACL (HTTP Realm) for Named Graph Identified by IRI: <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz>" ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> ; acl:agent <#groupBasicNetID> ; oplacl:hasScope oplacl:PrivateGraphs ; oplacl:hasRealm oplacl:DefaultRealm . } ; -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> DELETE { <#HttpTLSPrivateNamedGraphRule2> ?p ?o . } WHERE { <#HttpTLSPrivateNamedGraphRule2> ?p ?o . } ; -- ACL Definition -- Protection of Private Named Graph identified by IRI: <OpenPermID-bulk-industry-20151111_095806.ttl.gz> SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> INSERT { <#HttpTLSPrivateNamedGraphRule2> a acl:Authorization ; rdfs:label "Private Named Graph ACL (HTTP Realm) for Named Graph Identified by IRI: <OpenPermID-bulk-industry-20151111_095806.ttl.gz>" ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <OpenPermID-bulk-industry-20151111_095806.ttl.gz> ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasScope oplacl:PrivateGraphs ; oplacl:hasRealm oplacl:DefaultRealm . } ; --- End of Default (HTTP) Realm ACLs for Protected Named Graphs --- ---- Start of SQLRealm ACLs ---- -- Static Group Description -- Cleanup SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#SQLTLSstaticGroup> ?p ?o } WHERE { <#SQLTLSstaticGroup> ?p ?o } ; -- Group Definition SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#SQLTLSstaticGroup> a foaf:Group ; foaf:name "Conventional Group" ; rdfs:comment """Conventioal group used to which a collection of WebIDs (in the form of a list) belong. """ ; foaf:member <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> . } ; -- Conditional Group Description SQL Realm -- Cleanup SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#SQLTLSgroupBasicNetID> ?p ?o } WHERE { <#SQLTLSgroupBasicNetID> ?p ?o } ; -- Conditional Group Definition SPARQL PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/groups/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#SQLTLSgroupBasicNetID> a <http://www.openlinksw.com/ontology/acl#ConditionalGroup> ; <http://xmlns.com/foaf/0.1/name> "Identities Denoted using a NetID based Identifier" ; <http://www.openlinksw.com/ontology/acl#hasCondition> [ a <http://www.openlinksw.com/ontology/acl#GroupCondition>, <http://www.openlinksw.com/ontology/acl#GenericCondition> ; <http://www.openlinksw.com/ontology/acl#hasCriteria> <http://www.openlinksw.com/ontology/acl#NetID> ; <http://www.openlinksw.com/ontology/acl#hasComparator> <http://www.openlinksw.com/ontology/acl#IsNotNull> ; <http://www.openlinksw.com/ontology/acl#hasValue> 1 ] . } ; -- Grant NetID Group Access to SQL Realm -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#NetIDTLSSQLAccessRule1> ?p ?o . } WHERE { <#NetIDTLSSQLAccessRule1> ?p ?o . } ; -- ACL Definition SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#NetIDTLSSQLAccessRule1> a acl:Authorization ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; rdfs:label "SQL Realm Access Authorization ACL for NetIDs" ; rdfs:comment """Conditional Group based ACL that provides NetIDs with SQL Realm Access.""" ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <urn:virtuoso:access:sql> ; acl:agent <#groupBasicNetID>, <#staticGroup> ; oplacl:hasScope oplacl:Query ; oplacl:hasRealm oplacl:SqlRealm . } ; -- SPASQL Access Privileges Grant to a Specific WebID (this is required for LOD Connectivity Licenses )-- -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#WebIDTLSPASQLAccessRule1> ?p ?o. } WHERE { <#WebIDTLSPASQLAccessRule1> ?p ?o. } ; -- ACL Description SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#WebIDTLSPASQLAccessRule1> a acl:Authorization ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; rdfs:label "SQL Realm Access Authorization ACL" ; rdfs:comment """Mandatory ACL for granting access to SQL Realm which then enables ODBC, JDBC, ADO.NET, OLE-DB compliant application access, subject to Agent & User Identity.""" ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <urn:virtuoso:access:sparql> ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasScope oplacl:Query ; oplacl:hasRealm oplacl:SqlRealm . } ; -- SQL Realm Authorizations (enables execution of SQL queries via SQL+TLS connections) -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#WebIDTLSSQLAccessRule1> ?p ?o. } WHERE { <#WebIDTLSSQLAccessRule1> ?p ?o. } ; -- ACL Description SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#WebIDTLSSQLAccessRule1> a acl:Authorization ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; rdfs:label "SQL Realm Access Authorization ACL" ; rdfs:comment """Mandatory ACL for granting access to SQL Realm which then enables ODBC, JDBC, ADO.NET, OLE-DB compliant application access, subject to Agent & User Identity.""" ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <urn:virtuoso:access:sql> ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasScope oplacl:Query ; oplacl:hasRealm oplacl:SqlRealm . } ; --- SQL Query Access Restrictions (SQLRealm re. ODBC, JDBC, ADO.NET) --- -- Query Request Rate -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> PREFIX oplrest: <http://www.openlinksw.com/ontology/restrictions#> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#URIBurnerTLSSQLAccessRestriction1> ?p ?o . } WHERE { <#URIBurnerTLSSQLAccessRestriction1> ?p ?o . } ; -- Restriction Definition SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> PREFIX oplrest: <http://www.openlinksw.com/ontology/restrictions#> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#URIBurnerTLSSQLAccessRestriction1> a oplrest:Restriction ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; rdfs:label "SQL Realm Query Rate Restriction" ; rdfs:comment """Mandatory Restriction for metering Query Request Rates per second.""" ; oplacl:hasAccessMode oplacl:Read ; oplrest:hasRestrictedResource <urn:virtuoso:restrictions:sql-request-rate> ; oplrest:hasMaxValue "100"^^xsd:integer ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasRealm oplacl:SqlRealm . } ; -- Query Results Size -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> PREFIX oplrest: <http://www.openlinksw.com/ontology/restrictions#> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#URIBurnerTLSSQLAccessRestriction2> ?p ?o . } WHERE { <#URIBurnerTLSSQLAccessRestriction2> ?p ?o . } ; -- Restriction Definition SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> PREFIX foaf: <http://xmlns.com/foaf/0.1/> PREFIX oplrest: <http://www.openlinksw.com/ontology/restrictions#> WITH GRAPH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#URIBurnerTLSSQLAccessRestriction2> a oplrest:Restriction ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; rdfs:label "SQL Realm Resultset [Query Solution] Size Restriction" ; rdfs:comment """Mandatory Restriction for restrictng maximum size of query resultsets [solutions].""" ; oplrest:hasRestrictedResource <urn:virtuoso:restrictions:sql-result-rows> ; oplrest:hasMaxValue "200"^^xsd:integer ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasRealm oplacl:SqlRealm . } ; -- Private Graph ACL Private Named Graph identified by IRI: <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#TLSSQLPrivateNamedGraphRule1> ?p ?o . } WHERE { <#TLSSQLPrivateNamedGraphRule1> ?p ?o . } ; -- ACL Description SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#TLSSQLPrivateNamedGraphRule1> a acl:Authorization ; rdfs:label "Private Named Graph ACL (SQL Realm) for Named Graph Identified by IRI: <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz>" ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> ; acl:agent <#SQLTLSgroupBasicNetID>, <#SQLTLSstaticGroup> ; oplacl:hasScope oplacl:PrivateGraphs ; oplacl:hasRealm oplacl:SqlRealm . } ; -- Private Graph ACL Private Named Graph identified by IRI: <OpenPermID-bulk-industry-20151111_095806.ttl.gz> -- Cleanup SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> DELETE { <#TLSSQLPrivateNamedGraphRule2> ?p ?o . } WHERE { <#TLSSQLPrivateNamedGraphRule2> ?p ?o . } ; -- ACL Description SPARQL PREFIX oplacl: <http://www.openlinksw.com/ontology/acl#> PREFIX acl: <http://www.w3.org/ns/auth/acl#> WITH <http://{URIQA-DefaultHost-INI-file-setting}/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23SqlRealm> INSERT { <#TLSSQLPrivateNamedGraphRule2> a acl:Authorization ; rdfs:label "Private Named Graph ACL (SQL Realm) for Named Graph Identified by IRI: <OpenPermID-bulk-industry-20151111_095806.ttl.gz>" ; foaf:maker <http://kingsley.idehen.net/dataspace/person/kidehen#this> ; oplacl:hasAccessMode oplacl:Read ; acl:accessTo <OpenPermID-bulk-industry-20151111_095806.ttl.gz> ; acl:agent <http://opluswin7qa.usnet.private:8890/dataspace/person/kidehen#this> , <http://kingsley.idehen.net/dataspace/person/kidehen#this> , <https://s3.amazonaws.com/webid-sandbox/Profile/Basic-Identity-Claims-And-Profile-Document.ttl#i> , <http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i> , <http://id.myopenlink.net/DAV/home/cblakeley/youid_profile_160420.ttl#i> , <https://dbfff61d85d4da9b5aefce09723385e78a93f731.googledrive.com/host/0B-Mx14cLTEsaczdJdk96UVQ0aVE/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/hwilliams/YouID/Hugh_Williams_id_myopenlink_net_1/profile.ttl#identity> , <http://id.myopenlink.net/DAV/home/danielhm/profile.ttl#i> , <http://kingsley.idehen.net/DAV/home/kidehen/onno_profile.ttl#i> , <http://id.myopenlink.net/youid/profiles/6a93163fed72f5cac745c25dd3a8ad36/Hugh_Williams_id_myopenlink_net/profile.ttl#hwilliams> , <http://id.myopenlink.net/DAV/home/wtd/YouID/WebIDTlsDelegation_id_myopenlink_net/profile.ttl#wtd> ; oplacl:hasScope oplacl:PrivateGraphs ; oplacl:hasRealm oplacl:SqlRealm . } ; -- Add sample data SPARQL WITH <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> INSERT { <#this> <#relatedTo> <#that> } ; SPARQL WITH <OpenPermID-bulk-assetClass-20151111_095807.ttl.gz> INSERT {<#kingsley> <#knows> <#hugh> } ; COMMIT WORK ; </verbatim> A normal digest connection can then be made to the Virtuoso database using <code>isql</code> command line tool and the script loaded into Virtuoso as follows: <verbatim> C:\Program Files\OpenLink Software\Virtuso 7.2\database> ..\bin\isql 1111 Connected to OpenLink Virtuoso Driver: 07.20.3217 OpenLink Virtuoso ODBC Driver OpenLink Interactive SQL (Virtuoso), version 07.20.3217. Type HELP; for help and EXIT; to exit. SQL> load loadacl.sql; Done. -- 4 msec. Done. -- 0 msec. Done. -- 4 msec. Done. -- 8 msec. Done. -- 1 msec. Done. -- 43 msec. Done. -- 3 msec. Done. -- 2 msec. Done. -- 2 msec. Done. -- 2 msec. Done. -- 3 msec. Done. -- 2 msec. Done. -- 2 msec. Done. -- 2 msec. Done. -- 5 msec. Done. -- 2 msec. Done. -- 3 msec. Done. -- 2 msec. Done. -- 3 msec. Done. -- 2 msec. Done. -- 3 msec. Done. -- 1 msec. Done. -- 4 msec. Done. -- 1 msec. Done. -- 4 msec. Done. -- 1 msec. Done. -- 2 msec. Done. -- 2 msec. Done. -- 3 msec. Done. -- 0 msec. SQL> </verbatim> ---+++Related * [[VirtWTDSoftwareAgentDocCreation][Virtuoso WebID+TLS+Delegation Step by Step Configuration Guide]] * [[VirtWTDServerSetup][Virtuoso Server WebID+TLS+Delegation Setup]] * [[VirtWTDSoftwareAgentDocCreation][Software Agent & WebID Profile Document Creation]] * [[VirtWTDACLTesting][WebID+TLS+Delegation ACL Testing]] * [[VirtWTDWebIdProfileDocInNamedGraph][Using Named Graph for hosting WebID Profile Document Data]]
sioc:id
a685b2d61c87488f93b2cf576ebee9e1
sioc:link
n2:VirtWTDVALACLCreation
sioc:has_container
n10:VOS
n8:has_services
n9:item
atom:title
VirtWTDVALACLCreation
sioc:links_to
n2:VirtWTDSoftwareAgentDocCreation n14:ValQuickStartGuide n16:WebID n2:VirtWTDWebIdProfileDocInNamedGraph n2:VirtWTDServerSetup n2:VirtWTDACLTesting
atom:source
n10:VOS
atom:author
n4:this
atom:published
2018-04-13T12:09:49Z
atom:updated
2019-07-11T07:03:48Z
sioc:topic
n10:VOS