%META:TOPICPARENT{name="VirtSPARQLEndpointProtection"}%
---+ Securing your SPARQL Endpoint via OAuth
SPARQL endpoints are easy for random visitors to accidentally overload. Virtuoso allows you to secure your SPARQL endpoint against such abuses in various ways, including OAuth.
---++Sample scenario
The following sample scenario demonstrates the OAuth keys and Protected SPARQL Endpoint features of the Virtuoso Auth UI:
1. Download and install the conductor_dav.vad
and ods_framework_dav.vad (commercial)
or ods_framework_dav.vad (open source)
packages.
1. Go to http://<cname>:<port>/conductor
,
where <cname>:<port>
are replaced by your local server values.
1. Log in as user "dba
" or another user with DBA privileges
1. Go to System Admin-> User Accounts:
%BR%%BR%%BR%%BR%
1 Click "Create New Account":
%BR%%BR%%BR%%BR%
1 In the presented form enter respectively:
* Account name, for ex:demo1
; enter password and then confirm it;
* User type: SQL/ODBC and WebDAV
* Account role: SPARQL_UPDATE
%BR%%BR%%BR%%BR%
1 Click "Save".
1 The created user should be shown in the list of registered users:
%BR%%BR%%BR%%BR%
1. Go to http://<cname>:<port>/oauth/
,
where <cname>:<port>
are replaced by your local server values.
%BR%%BR%%BR%%BR%
1. Click the "OAuth Keys" link:
%BR%%BR%%BR%%BR%
1. Log in as user demo1
:
%BR%%BR%%BR%%BR%
1. The OAuth application registration form will be shown.
%BR%%BR%%BR%%BR%
1. Select SPARQL from the "Application name" list, and click the "Generate Keys" button.
1. A Consumer Key for SPARQL will be generated:
90baa79108b1d972525bacc76c0279c02d6421e8
%BR%%BR%%BR%%BR%
1. Click the "Back to main menu" link.
%BR%%BR%%BR%%BR%
1. Click the "Protected SPARQL Endpoint" link.
1. The OpenLink Virtuoso SPARQL Query form will be shown:
%BR%%BR%%BR%%BR%
%BR%%BR%%BR%%BR%
1. Enter a simple query, for ex:
SELECT *
WHERE
{
?s ?p ?o
}
LIMIT 10
1. For "OAuth token", enter the Consumer Key value which was generated above, i.e.,
90baa79108b1d972525bacc76c0279c02d6421e8
%BR%%BR%%BR%%BR%
1. Click the "Run Query" button.
1. In the OAuth Authorization Service form, enter the password for user demo1 and click the "Login" button.
%BR%%BR%%BR%%BR%
1. Next you should authorize the request:
%BR%%BR%%BR%%BR%
1. On successful authentication and authorization, the query results should be shown:
%BR%%BR%%BR%%BR%
---++Related
* [[VirtSPARQLEndpointProtection][Safeguarding your Virtuoso-hosted SPARQL Endpoint]]
* [[VirtTipsAndTricksGuideSPARQLEndpointProtection][SPARQL Endpoint Protection Methods Collection]]
* [[http://docs.openlinksw.com/virtuoso/][Virtuoso documentation]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpoint][SPARQL Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpointuri][Service Endpoint Security]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#sparqwebservicetbl][Managing a SPARQL Web Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html][SPARQL]]
* [[VirtTipsAndTricksGuide][Virtuoso Tips and Tricks Collection]]
* [[VirtSPARQLDET][SPARQL Endpoint DET Configuration Guide]]
* [[VirtSPARQLSecurityWebID][WebID Protocol & SPARQL Endpoint ACLs Tutorial]]
* [[VirtTipsAndTricksGuideSPARQLEndpoints][Securing SPARQL endpoints]]
* [[http://ods.openlinksw.com/wiki/ODS/OdsSPARQLAuth][SPARUL over SPARQL using the http://cname:port/sparql-auth endpoint]]
* [[VirtAuthServerUI][Virtuoso Authentication Server UI]]
* [[VirtSPARQLSSL][Manage a SPARQL-WebID based Endpoint]]
* [[VirtSetupSSL][Configure Virtuoso instance as an X.509 Certificate Authority and HTTPS listener]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSSetupSSL][Configure Virtuoso+ODS instance as an X.509 Certificate Authority and HTTPS listener]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtODSSecurityWebID][WebID Protocol Support in OpenLink Data Spaces]].
* Manage ODS Datadspaces Objects WebID Access Control Lists (ACLs):
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebID][ODS Briefcase WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDPerson][Person Entity WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDGroup][Group Entity WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDPublic][Public WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACL][ODS Feed Manager WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACL][ODS Calendar WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACL][ODS Bookmark Manager WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACL][ODS Addressbook WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSPkiSetup][Guide for Set up a X.509 certificate issuer and HTTPS listener and generate ODS user certificates.]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtODSPubSubHub][Setting up PubSubHub in ODS]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtPubSubHub][PubSubHubBub Demo Client Example]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtFeedPubSubHub][Feed subscription via PubSubHub protocol Example ]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtPubSubHubACL][Setting Up PubSubHub to use WebID Protocol or IP based control lists]]
* [[http://ods.openlinksw.com/wiki/ODS/OdsKeyImport][CA Keys Import using Conductor]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateX509Certificate][Generate an X.509 Certificate hosted WebID Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateWebIDX509CertOSKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by host operating system keystore]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateWebIDX509CertBrsKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by a browser-based keystore]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSWebIDIdP][Using Virtuoso's WebID Verification Proxy Service with a WebID-bearing X.509 certificate]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSWebIDIdpProxy][Using Virtuoso's WebID Identity Provider (IdP) Proxy Service with an X.509 certificate]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDShareFile][ODS Briefcase WebID Protocol Share File Guide]]
* [[http://esw.w3.org/topic/foaf+ssl][WebID Protocol Specification]]
* [[https://foaf.me/simpleLogin.php][Test WebID Protocol Certificate page]]
* [[http://test.foafssl.org/cert/][WebID Protocol Certificate Generation page]]
* [[http://oauth.net/core/1.0/][OAuth API]]
CategoryVirtuoso CategoryHowTo CategorySPARQL CategoryOAuth CategoryFOAFSSL CategoryDocumentation CategoryTutorial