Google Git
Sign in
apache / jena-site / 3419dda018a02842cc341be6ee7dc077a1276cda / . / content / documentation / permissions / assembler.html
blob: c1eec4078740b5e4fbd78864d671c7a54d953a58 [file] [log] [blame]
<!DOCTYPE html>
<html lang="en">
<head>
<title>Apache Jena - Jena Permissions - Assembler for a Secured Model</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="/css/bootstrap-extension.css" rel="stylesheet" type="text/css">
<link href="/css/jena.css" rel="stylesheet" type="text/css">
<link rel="shortcut icon" href="/images/favicon.ico" />
<script src="https://code.jquery.com/jquery-2.2.4.min.js"
integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44="
crossorigin="anonymous"></script>
<script src="/js/jena-navigation.js" type="text/javascript"></script>
<script src="/js/bootstrap.min.js" type="text/javascript"></script>
<script src="/js/improve.js" type="text/javascript"></script>
</head>
<body>
<nav class="navbar navbar-default" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-ex1-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/index.html">
<img class="logo-menu" src="/images/jena-logo/jena-logo-notext-small.png" alt="jena logo">Apache Jena</a>
</div>
<div class="collapse navbar-collapse navbar-ex1-collapse">
<ul class="nav navbar-nav">
<li id="homepage"><a href="/index.html"><span class="glyphicon glyphicon-home"></span> Home</a></li>
<li id="download"><a href="/download/index.cgi"><span class="glyphicon glyphicon-download-alt"></span> Download</a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-book"></span> Learn <b class="caret"></b></a>
<ul class="dropdown-menu">
<li class="dropdown-header">Tutorials</li>
<li><a href="/tutorials/index.html">Overview</a></li>
<li><a href="/documentation/fuseki2/index.html">Fuseki Triplestore</a></li>
<li><a href="/documentation/notes/index.html">How-To's</a></li>
<li><a href="/documentation/query/manipulating_sparql_using_arq.html">Manipulating SPARQL using ARQ</a></li>
<li><a href="/tutorials/rdf_api.html">RDF core API tutorial</a></li>
<li><a href="/tutorials/sparql.html">SPARQL tutorial</a></li>
<li><a href="/tutorials/using_jena_with_eclipse.html">Using Jena with Eclipse</a></li>
<li class="divider"></li>
<li class="dropdown-header">References</li>
<li><a href="/documentation/index.html">Overview</a></li>
<li><a href="/documentation/query/index.html">ARQ (SPARQL)</a></li>
<li><a href="/documentation/assembler/index.html">Assembler</a></li>
<li><a href="/documentation/tools/index.html">Command-line tools</a></li>
<li><a href="/documentation/rdfs/">Data with RDFS Inferencing</a></li>
<li><a href="/documentation/geosparql/index.html">GeoSPARQL</a></li>
<li><a href="/documentation/inference/index.html">Inference API</a></li>
<li><a href="/documentation/javadoc.html">Javadoc</a></li>
<li><a href="/documentation/ontology/">Ontology API</a></li>
<li><a href="/documentation/permissions/index.html">Permissions</a></li>
<li><a href="/documentation/extras/querybuilder/index.html">Query Builder</a></li>
<li><a href="/documentation/rdf/index.html">RDF API</a></li>
<li><a href="/documentation/rdfconnection/">RDF Connection - SPARQL API</a></li>
<li><a href="/documentation/io/">RDF I/O</a></li>
<li><a href="/documentation/rdfstar/index.html">RDF-star</a></li>
<li><a href="/documentation/shacl/index.html">SHACL</a></li>
<li><a href="/documentation/shex/index.html">ShEx</a></li>
<li><a href="/documentation/jdbc/index.html">SPARQL over JDBC</a></li>
<li><a href="/documentation/tdb/index.html">TDB</a></li>
<li><a href="/documentation/tdb2/index.html">TDB2</a></li>
<li><a href="/documentation/query/text-query.html">Text Search</a></li>
</ul>
</li>
<li class="drop down">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-book"></span> Javadoc <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/documentation/javadoc.html">All Javadoc</a></li>
<li><a href="/documentation/javadoc/arq/">ARQ</a></li>
<li><a href="/documentation/javadoc_elephas.html">Elephas</a></li>
<li><a href="/documentation/javadoc/fuseki2/">Fuseki</a></li>
<li><a href="/documentation/javadoc/geosparql/">GeoSPARQL</a></li>
<li><a href="/documentation/javadoc/jdbc/">JDBC</a></li>
<li><a href="/documentation/javadoc/jena/">Jena Core</a></li>
<li><a href="/documentation/javadoc/permissions/">Permissions</a></li>
<li><a href="/documentation/javadoc/extras/querybuilder/">Query Builder</a></li>
<li><a href="/documentation/javadoc/shacl/">SHACL</a></li>
<li><a href="/documentation/javadoc/tdb/">TDB</a></li>
<li><a href="/documentation/javadoc/text/">Text Search</a></li>
</ul>
</li>
<li id="ask"><a href="/help_and_support/index.html"><span class="glyphicon glyphicon-question-sign"></span> Ask</a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-bullhorn"></span> Get involved <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/getting_involved/index.html">Contribute</a></li>
<li><a href="/help_and_support/bugs_and_suggestions.html">Report a bug</a></li>
<li class="divider"></li>
<li class="dropdown-header">Project</li>
<li><a href="/about_jena/about.html">About Jena</a></li>
<li><a href="/about_jena/architecture.html">Architecture</a></li>
<li><a href="/about_jena/citing.html">Citing</a></li>
<li><a href="/about_jena/team.html">Project team</a></li>
<li><a href="/about_jena/contributions.html">Related projects</a></li>
<li><a href="/about_jena/roadmap.html">Roadmap</a></li>
<li class="divider"></li>
<li class="dropdown-header">ASF</li>
<li><a href="http://www.apache.org/">Apache Software Foundation</a></li>
<li><a href="http://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li>
<li><a href="http://www.apache.org/licenses/LICENSE-2.0">License</a></li>
<li><a href="http://www.apache.org/security/">Security</a></li>
<li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li>
</ul>
</li>
<li id="edit"><a href="https://github.com/apache/jena-site/edit/main/source/documentation/permissions/assembler.md" title="Edit this page on GitHub"><span class="glyphicon glyphicon-pencil"></span> Edit this page</a></li>
</ul>
</div>
</div>
</nav>
<div class="container">
<div class="row">
<div class="col-md-12">
<div id="breadcrumbs">
<ol class="breadcrumb">
<li><a href='/documentation'>DOCUMENTATION</a></li>
<li><a href='/documentation/permissions'>PERMISSIONS</a></li>
<li class="active">ASSEMBLER</li>
</ol>
</div>
<h1 class="title">Jena Permissions - Assembler for a Secured Model</h1>
<p>Jena Permissions provides a standard Jena assembler making it easy to use the <code>SecuredModel</code> in an Assembler based environment. To use the permissions assembler the assembler file must contain the lines:</p>
<pre><code>[] ja:loadClass &quot;org.apache.jena.permissions.SecuredAssembler&quot; .
sec:Model rdfs:subClassOf ja:NamedModel .
</code></pre>
<p>The secured assembler provides XXXXXXXXXXXx properties for the assembler files.</p>
<p>Assuming we define:</p>
<pre><code> @prefix sec: &lt;http://apache.org/jena/permissions/Assembler#&gt; .
</code></pre>
<p>Then the following resources are defined:</p>
<ul>
<li>
<p><code>sec:Model</code> - A secured model. One against which the security evaluator is running access checks. All sec:Model instances must have a ja:ModelName to identify it to the <code>SecurityEvaluator</code></p>
</li>
<li>
<p><code>sec:Evaluator</code> - An instance of <code>SecurityEvaluator</code>.</p>
</li>
</ul>
<p>The following are properties are also defined:</p>
<ul>
<li>
<p><code>sec:evaluatorFactory</code> - Identifies the class name of a factory class that implements a no-argument <code>getInstance()</code> method that returns an instance of <code>SecurityEvaluator</code>.</p>
</li>
<li>
<p><code>sec:baseModel</code> - Identifies the ja:Model that is to have permissions applied to it.</p>
</li>
<li>
<p><code>sec:evaluatorImpl</code> - Identifies an instance of <code>SecurityEvaluator</code>.</p>
</li>
<li>
<p><code>sec:evaluatorClass</code> - Identifies a class that implements <code>SecurityEvaluator</code></p>
</li>
<li>
<p><code>sec:args</code> - Identifies arguments to the sec:evaluatorClass constructor.</p>
</li>
</ul>
<p>The secured assembler provides two (2) mechanisms to create a secured graph. The first is to use a <code>SecurityEvaluator</code> factory.</p>
<pre><code>my:securedModel rdf:type sec:Model ;
sec:baseModel my:baseModel ;
ja:modelName &quot;https://example.org/securedBaseModel&quot; ;
sec:evaluatorFactory &quot;the.evaluator.factory.class.name&quot; .
</code></pre>
<p>In the above example static method <code>getInstance()</code> is called on the.evaluator.factory.class.name and the result is used as the SecurityEvaluator. This is used to create a secured model (<code>my:securedModel</code>) that wraps the model <code>my:baseModel</code> and identifies itself to the <code>SecurityEvaluator</code> with the URI <code>&quot;https://example.org/securedBaseModel&quot;</code>.</p>
<p>The second mechanism is to use the <code>sec:Evaluator</code> method.</p>
<pre><code>my:secEvaluator rdf:type sec:Evaluator ;
sec:args [
rdf:_1 my:secInfoModel ;
] ;
sec:evaluatorClass &quot;your.implementation.SecurityEvaluator&quot;
.
my:securedModel rdf:type sec:Model ;
sec:baseModel my:baseModel ;
ja:modelName &quot;https://example.org/securedBaseModel&quot; ;
sec:evaluatorImpl my:secEvaluator .
</code></pre>
<p>In the above example <code>my:secEvaluator</code> is defined as a <code>sec:Evaluator</code> implemented by the class <code>&quot;your.implementation.SecurityEvaluator&quot;</code>. When the instance is constructed the constructor with one argument is used and it is passed <code>my:secInfoModel</code> as an argument. <code>my:secInfoModel</code> may be any type supported by the assembler. If more than one argument is desired then <code>rdf:_2</code>, <code>rdf:_3</code>, <code>rdf:_4</code>, etc. may be added to the <code>sec:args</code> list. The <code>&quot;your.implementation.SecurityEvaluator&quot;</code> with the proper number of arguments will be called. It is an error to have more than one argument with the proper number of arguments.</p>
<p>After construction the value of <code>my:securedModel</code> is used to construct the <code>my:securedModel</code> instance. This has the same properties as the previous example other than that the <code>SecurityEvaluator</code> instance is different.</p>
</div>
</div>
</div>
<footer class="footer">
<div class="container" style="font-size:80%" >
<p>
Copyright &copy; 2011&ndash;2022 The Apache Software Foundation, Licensed under the
<a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.
</p>
<p>
Apache Jena, Jena, the Apache Jena project logo, Apache and the Apache feather logos are trademarks of
The Apache Software Foundation.
<br/>
<a href="https://privacy.apache.org/policies/privacy-policy-public.html"
>Apache Software Foundation Privacy Policy</a>.
</p>
</div>
</footer>
<script type="text/javascript">
var link = $('a[href="' + this.location.pathname + '"]');
if (link != undefined)
link.parents('li,ul').addClass('active');
</script>
</body>
</html>