• Topic
  • Discussion
  • ODS.VAL_ValCustomization(Last) -- DAVWikiAdmin? , 2017-06-29 07:33:21 Edit WebDAV System Administrator 2017-06-29 07:33:21

    VAL Customization

    Introduction

    VAL can be customized in various ways, by manipulating the triples in a set of pre-defined private graphs. Typically these details will be hidden behind user interface elements, but it is good to know them anyway.

    Customizing the Standard VAL Authentication Page

    VAL allows some customization of the authenticate.vsp page (also see the the VAL VSP Authentication Tutorial).

    Customizing the Logos

    Logos displayed on the authentication page can easily be customized per application realm. By default, VAL shows details about the identity provider on the left, and the Virtuoso logo as the image on the right.

    To set the left and right logos for the default realm, one can simply insert corresponding triples into the VAL config graph:


    SPARQL
    PREFIX  oplcfg:  <http://www.openlinksw.com/ontology/configuration#>
    PREFIX  oplacl:  <http://www.openlinksw.com/ontology/acl#>
    INSERT
      INTO <urn:virtuoso:val:config> 
        {
          oplacl:DefaultRealm  oplcfg:hasLeftLogo  <http://path/to/a-logo.png> ;
                               oplcfg:hasRightLogo <http://path/to/another-logo.png> .
        };
    

    Similarly, the href targets of these logos (which default as shown here) can be set via:


    SPARQL
    PREFIX  oplcfg:  <http://www.openlinksw.com/ontology/configuration#>
    PREFIX  oplacl:  <http://www.openlinksw.com/ontology/acl#>
    INSERT
      INTO <urn:virtuoso:val:config> 
        {
          oplacl:DefaultRealm  oplcfg:hasLeftAnchor   <http://www.openlinksw.com/> ;
                               oplcfg:hasRightAnchor  <http://virtuoso.openlinksw.com/> .
    };
    

    Customizing the Access Request Dialog

    There are two modes to how the Access Request Dialog is to be presented:

    • the user needs to press a button to show it (the default)
    • the dialog is shown automatically when an authenticated person is has been denied access to a resource

    This setting is tied to the application realm, which means that it does not apply to any other realm.

    To show the dialog automatically in the default realm, one sets the following property:


    SPARQL
    PREFIX  oplcfg:  <http://www.openlinksw.com/ontology/configuration#>
    INSERT
      INTO <urn:virtuoso:val:config> 
        {
          <urn:virtuoso:val:realms:default>  oplcfg:hasRequestAccessDialogMode  oplcfg:SimpleRequestAccessDialog
        };
    

    To restore the default, one simply deletes the configuration:


    SPARQL
    PREFIX  oplcfg:  <http://www.openlinksw.com/ontology/configuration#>
    DELETE
      FROM <urn:virtuoso:val:config> 
        {
          <urn:virtuoso:val:realms:default>  oplcfg:hasRequestAccessDialogMode  oplcfg:SimpleRequestAccessDialog
        };
    

    Customizing the ACL Graphs

    The VAL ACL system uses a set of named graphs to store rules, groups, and restrictions. By default, VAL uses one graph for each combination of application realm and ACL resource type. It uses the default hostname (HOST in the example below) of the Virtuoso instance.

    Example: The default graph which stores the rules in the default realm is the following:
    http://HOST/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm
    

    On firsts usage of the API to create a rule, group, or restriction this graph will be created and made private. It will then be stored in the VAL configuration using the oplacl:hasRuleDocument property:


    { oplacl:DefaultRealm  oplacl:hasRuleDocument  <http://HOST/acl/graph/rules/http%3A%2F%2Fwww.openlinksw.com%2Fontology%2Facl%23DefaultRealm> }
    

    It is possible to customize these graphs (ideally before the API creates them) which might be desireable for manual ACL resource creation via SPARQL Insert. Since VAL will honor the setting above one can simply add the required triples into the VAL config graph.

    Example: Given that one wants to change the rule, group, and restriction graphs for the default application realm, the following will do:
    SPARQL
    PREFIX  oplacl:  <http://www.openlinksw.com/ontology/acl#>
    PREFIX  oplres:  <http://www.openlinksw.com/ontology/restrictions#>
    WITH <urn:virtuoso:val:config>
      INSERT
        {
          oplacl:DefaultRealm         oplacl:hasRuleDocument  <urn:acl:rules> ;
                                     oplacl:hasGroupDocument  <urn:acl:groups> ;
                               oplres:hasRestrictionDocument  <urn:acl:restrictions> .
        };
    

    VAL will honor these settings, and store and read all rules, groups, and restrictions from the configured graphs.

    Warnings:

    • Be aware that VAL does not automatically migrate rules, groups, and restrictions between graphs. This means that changing the graph identifiers will disable existing rules, groups, and restrictions.

    • It is highly recommended that these graphs be made and kept private:

      DB.DBA.RDF_GRAPH_GROUP_INS ( 'http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'urn:acl:rules' ); DB.DBA.RDF_GRAPH_GROUP_INS ( 'http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'urn:acl:groups' ); DB.DBA.RDF_GRAPH_GROUP_INS ( 'http://www.openlinksw.com/schemas/virtrdf#PrivateGraphs', 'urn:acl:restrictions' );

    Customizing the Page Footers

    VAL's own /sparql integration allows to set a custom page footer. This can be used to for example show social sharing controls via Javascript commands. Each endpoint has its own configuration. The following example shows how the main /sparql endpoint of http://my.openlinksw.com can be enhanced with social sharing controls:


    SPARQL
    PREFIX  oplcfg:  <http://www.openlinksw.com/ontology/configuration#>
    WITH <urn:virtuoso:val:config>
      INSERT 
        {
          <http://my.openlinksw.com/sparql>  oplcfg:hasFooter  [
                                                                                   a  oplcfg:HtmlSnippet ;
                                                                  oplcfg:hasHtmlBody  """<script type="text/javascript" src="http://s7.addthis.com/js/300/addthis_widget.js">
                                                                                         </script>
                                                                                         <script type="text/javascript">
                                                                                           addthis.layers({
                                                                                             'theme' : 'transparent',
                                                                                             'share' : {
                                                                                               'position' : 'right',
                                                                                               'services' : 'google,linkedin,twitter,facebook,more'
                                                                                             }
                                                                                           });
                                                                                         </script>
                                                                                      """
                                                                ] 
        }