Securing SPARQL endpoints

SPARQL endpoints are Web services, and they are capable of more than providing Read-Only access to a back-end graph DBMS.

Though commonly general-purpose, SPARQL endpoints can also be purpose-specific, and their privileges may therefore be limited to specific Create, Read, Update, and/or Delete operations.

The privileges provided by a given Virtuoso SPARQL endpoint may be based simply upon the endpoint's URL, or upon sophisticated rules which associate specific user identities with specific database roles and privileges.

Virtuoso offers three methods for securing SPARQL endpoints:

By default, Virtuoso has several purpose-specific SPARQL endpoints, associated with these authentication methods along the following lines --

Endpoint Endpoint URL Convention More information... Notes
Basic default http://<cname>[:<port>]/sparql Virtuoso SPARQL Web Service Endpoint documentation.
SPARQL Digest
(Digest Authentication via SQL Accounts)
http://<cname>[:<port>]/sparql-auth Demonstration of setting user privileges to interact with OAuth Protected SPARQL Endpoint
SPARQL OAuth http://<cname>[:<port>]/sparql-oauth Demonstration of the OAuth keys and Protected SPARQL Endpoint features of the Virtuoso OAuth UI
SPARQL WebID? https://<cname>[:<port>]/sparql
and
https://<cname>[:<port>]/sparql-webid
Demonstration of setting WebID Protocol ACLs using the Virtuoso Authentication Server UI
SPARQL Graph Store Protocol http://<cname>[:<port>]/sparql-graph-crud Virtuoso SPARQL Authentication documentation. Primarily intended to serve requests from applications, rather than human interactions via browser.
Digest Authentication http://<cname>[:<port>]/sparql-graph-crud-auth Virtuoso SPARQL Authentication documentation. Primarily intended to serve requests from applications, rather than human interactions via browser.

We also have step-by-step guides to walk you through the process of setting up your own SPARQL endpoint(s) for --

Related

CategoryVirtuoso CategoryHowTo CategorySPARQL CategoryOAuth CategoryFOAFSSL CategoryDocumentation CategoryTutorial