| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| |
| |
| <title>Apache Jena - Jena Permissions - Assembler for a Secured Model</title> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> |
| |
| <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen"> |
| <link href="/css/bootstrap-extension.css" rel="stylesheet" type="text/css"> |
| <link href="/css/jena.css" rel="stylesheet" type="text/css"> |
| <link rel="shortcut icon" href="/images/favicon.ico" /> |
| |
| <script src="https://code.jquery.com/jquery-2.2.4.min.js" |
| integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" |
| crossorigin="anonymous"></script> |
| <script src="/js/jena-navigation.js" type="text/javascript"></script> |
| <script src="/js/bootstrap.min.js" type="text/javascript"></script> |
| |
| <script src="/js/improve.js" type="text/javascript"></script> |
| |
| |
| </head> |
| |
| <body> |
| |
| <nav class="navbar navbar-default" role="navigation"> |
| <div class="container"> |
| <div class="navbar-header"> |
| <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-ex1-collapse"> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| </button> |
| <a class="navbar-brand" href="/index.html"> |
| <img class="logo-menu" src="/images/jena-logo/jena-logo-notext-small.png" alt="jena logo">Apache Jena</a> |
| </div> |
| |
| <div class="collapse navbar-collapse navbar-ex1-collapse"> |
| <ul class="nav navbar-nav"> |
| <li id="homepage"><a href="/index.html"><span class="glyphicon glyphicon-home"></span> Home</a></li> |
| <li id="download"><a href="/download/index.cgi"><span class="glyphicon glyphicon-download-alt"></span> Download</a></li> |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-book"></span> Learn <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li class="dropdown-header">Tutorials</li> |
| <li><a href="/tutorials/index.html">Overview</a></li> |
| <li><a href="/documentation/fuseki2/index.html">Fuseki Triplestore</a></li> |
| <li><a href="/documentation/notes/index.html">How-To's</a></li> |
| <li><a href="/documentation/query/manipulating_sparql_using_arq.html">Manipulating SPARQL using ARQ</a></li> |
| <li><a href="/tutorials/rdf_api.html">RDF core API tutorial</a></li> |
| <li><a href="/tutorials/sparql.html">SPARQL tutorial</a></li> |
| <li><a href="/tutorials/using_jena_with_eclipse.html">Using Jena with Eclipse</a></li> |
| <li class="divider"></li> |
| <li class="dropdown-header">References</li> |
| <li><a href="/documentation/index.html">Overview</a></li> |
| <li><a href="/documentation/query/index.html">ARQ (SPARQL)</a></li> |
| <li><a href="/documentation/assembler/index.html">Assembler</a></li> |
| <li><a href="/documentation/tools/index.html">Command-line tools</a></li> |
| <li><a href="/documentation/rdfs/">Data with RDFS Inferencing</a></li> |
| <li><a href="/documentation/geosparql/index.html">GeoSPARQL</a></li> |
| <li><a href="/documentation/inference/index.html">Inference API</a></li> |
| <li><a href="/documentation/javadoc.html">Javadoc</a></li> |
| <li><a href="/documentation/ontology/">Ontology API</a></li> |
| <li><a href="/documentation/permissions/index.html">Permissions</a></li> |
| <li><a href="/documentation/extras/querybuilder/index.html">Query Builder</a></li> |
| <li><a href="/documentation/rdf/index.html">RDF API</a></li> |
| <li><a href="/documentation/rdfconnection/">RDF Connection - SPARQL API</a></li> |
| <li><a href="/documentation/io/">RDF I/O</a></li> |
| <li><a href="/documentation/rdfstar/index.html">RDF-star</a></li> |
| <li><a href="/documentation/shacl/index.html">SHACL</a></li> |
| <li><a href="/documentation/shex/index.html">ShEx</a></li> |
| <li><a href="/documentation/jdbc/index.html">SPARQL over JDBC</a></li> |
| <li><a href="/documentation/tdb/index.html">TDB</a></li> |
| <li><a href="/documentation/tdb2/index.html">TDB2</a></li> |
| <li><a href="/documentation/query/text-query.html">Text Search</a></li> |
| </ul> |
| </li> |
| |
| <li class="drop down"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-book"></span> Javadoc <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a href="/documentation/javadoc.html">All Javadoc</a></li> |
| <li><a href="/documentation/javadoc/arq/">ARQ</a></li> |
| <li><a href="/documentation/javadoc_elephas.html">Elephas</a></li> |
| <li><a href="/documentation/javadoc/fuseki2/">Fuseki</a></li> |
| <li><a href="/documentation/javadoc/geosparql/">GeoSPARQL</a></li> |
| <li><a href="/documentation/javadoc/jdbc/">JDBC</a></li> |
| <li><a href="/documentation/javadoc/jena/">Jena Core</a></li> |
| <li><a href="/documentation/javadoc/permissions/">Permissions</a></li> |
| <li><a href="/documentation/javadoc/extras/querybuilder/">Query Builder</a></li> |
| <li><a href="/documentation/javadoc/shacl/">SHACL</a></li> |
| <li><a href="/documentation/javadoc/tdb/">TDB</a></li> |
| <li><a href="/documentation/javadoc/text/">Text Search</a></li> |
| </ul> |
| </li> |
| |
| <li id="ask"><a href="/help_and_support/index.html"><span class="glyphicon glyphicon-question-sign"></span> Ask</a></li> |
| |
| <li class="dropdown"> |
| <a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-bullhorn"></span> Get involved <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a href="/getting_involved/index.html">Contribute</a></li> |
| <li><a href="/help_and_support/bugs_and_suggestions.html">Report a bug</a></li> |
| <li class="divider"></li> |
| <li class="dropdown-header">Project</li> |
| <li><a href="/about_jena/about.html">About Jena</a></li> |
| <li><a href="/about_jena/architecture.html">Architecture</a></li> |
| <li><a href="/about_jena/citing.html">Citing</a></li> |
| <li><a href="/about_jena/team.html">Project team</a></li> |
| <li><a href="/about_jena/contributions.html">Related projects</a></li> |
| <li><a href="/about_jena/roadmap.html">Roadmap</a></li> |
| <li class="divider"></li> |
| <li class="dropdown-header">ASF</li> |
| <li><a href="http://www.apache.org/">Apache Software Foundation</a></li> |
| <li><a href="http://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li> |
| <li><a href="http://www.apache.org/licenses/LICENSE-2.0">License</a></li> |
| <li><a href="http://www.apache.org/security/">Security</a></li> |
| <li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li> |
| </ul> |
| </li> |
| |
| |
| |
| |
| <li id="edit"><a href="https://github.com/apache/jena-site/edit/main/source/documentation/permissions/assembler.md" title="Edit this page on GitHub"><span class="glyphicon glyphicon-pencil"></span> Edit this page</a></li> |
| </ul> |
| </div> |
| </div> |
| </nav> |
| |
| |
| <div class="container"> |
| <div class="row"> |
| <div class="col-md-12"> |
| <div id="breadcrumbs"> |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| <ol class="breadcrumb">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li><a href='/documentation'>DOCUMENTATION</a></li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li><a href='/documentation/permissions'>PERMISSIONS</a></li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li class="active">ASSEMBLER</li>
|
|
|
|
|
|
|
|
|
| </ol>
|
|
|
|
|
|
|
| |
| |
| </div> |
| <h1 class="title">Jena Permissions - Assembler for a Secured Model</h1> |
| |
| <p>Jena Permissions provides a standard Jena assembler making it easy to use the <code>SecuredModel</code> in an Assembler based environment. To use the permissions assembler the assembler file must contain the lines:</p> |
| <pre><code>[] ja:loadClass "org.apache.jena.permissions.SecuredAssembler" . |
| sec:Model rdfs:subClassOf ja:NamedModel . |
| </code></pre> |
| <p>The secured assembler provides XXXXXXXXXXXx properties for the assembler files.</p> |
| <p>Assuming we define:</p> |
| <pre><code> @prefix sec: <http://apache.org/jena/permissions/Assembler#> . |
| </code></pre> |
| <p>Then the following resources are defined:</p> |
| <ul> |
| <li> |
| <p><code>sec:Model</code> - A secured model. One against which the security evaluator is running access checks. All sec:Model instances must have a ja:ModelName to identify it to the <code>SecurityEvaluator</code></p> |
| </li> |
| <li> |
| <p><code>sec:Evaluator</code> - An instance of <code>SecurityEvaluator</code>.</p> |
| </li> |
| </ul> |
| <p>The following are properties are also defined:</p> |
| <ul> |
| <li> |
| <p><code>sec:evaluatorFactory</code> - Identifies the class name of a factory class that implements a no-argument <code>getInstance()</code> method that returns an instance of <code>SecurityEvaluator</code>.</p> |
| </li> |
| <li> |
| <p><code>sec:baseModel</code> - Identifies the ja:Model that is to have permissions applied to it.</p> |
| </li> |
| <li> |
| <p><code>sec:evaluatorImpl</code> - Identifies an instance of <code>SecurityEvaluator</code>.</p> |
| </li> |
| <li> |
| <p><code>sec:evaluatorClass</code> - Identifies a class that implements <code>SecurityEvaluator</code></p> |
| </li> |
| <li> |
| <p><code>sec:args</code> - Identifies arguments to the sec:evaluatorClass constructor.</p> |
| </li> |
| </ul> |
| <p>The secured assembler provides two (2) mechanisms to create a secured graph. The first is to use a <code>SecurityEvaluator</code> factory.</p> |
| <pre><code>my:securedModel rdf:type sec:Model ; |
| sec:baseModel my:baseModel ; |
| ja:modelName "https://example.org/securedBaseModel" ; |
| sec:evaluatorFactory "the.evaluator.factory.class.name" . |
| </code></pre> |
| <p>In the above example static method <code>getInstance()</code> is called on the.evaluator.factory.class.name and the result is used as the SecurityEvaluator. This is used to create a secured model (<code>my:securedModel</code>) that wraps the model <code>my:baseModel</code> and identifies itself to the <code>SecurityEvaluator</code> with the URI <code>"https://example.org/securedBaseModel"</code>.</p> |
| <p>The second mechanism is to use the <code>sec:Evaluator</code> method.</p> |
| <pre><code>my:secEvaluator rdf:type sec:Evaluator ; |
| sec:args [ |
| rdf:_1 my:secInfoModel ; |
| ] ; |
| sec:evaluatorClass "your.implementation.SecurityEvaluator" |
| . |
| |
| my:securedModel rdf:type sec:Model ; |
| sec:baseModel my:baseModel ; |
| ja:modelName "https://example.org/securedBaseModel" ; |
| sec:evaluatorImpl my:secEvaluator . |
| </code></pre> |
| <p>In the above example <code>my:secEvaluator</code> is defined as a <code>sec:Evaluator</code> implemented by the class <code>"your.implementation.SecurityEvaluator"</code>. When the instance is constructed the constructor with one argument is used and it is passed <code>my:secInfoModel</code> as an argument. <code>my:secInfoModel</code> may be any type supported by the assembler. If more than one argument is desired then <code>rdf:_2</code>, <code>rdf:_3</code>, <code>rdf:_4</code>, etc. may be added to the <code>sec:args</code> list. The <code>"your.implementation.SecurityEvaluator"</code> with the proper number of arguments will be called. It is an error to have more than one argument with the proper number of arguments.</p> |
| <p>After construction the value of <code>my:securedModel</code> is used to construct the <code>my:securedModel</code> instance. This has the same properties as the previous example other than that the <code>SecurityEvaluator</code> instance is different.</p> |
| |
| |
| </div> |
| </div> |
| |
| </div> |
| |
| <footer class="footer"> |
| <div class="container" style="font-size:80%" > |
| <p> |
| Copyright © 2011–2022 The Apache Software Foundation, Licensed under the |
| <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>. |
| </p> |
| <p> |
| Apache Jena, Jena, the Apache Jena project logo, Apache and the Apache feather logos are trademarks of |
| The Apache Software Foundation. |
| <br/> |
| <a href="https://privacy.apache.org/policies/privacy-policy-public.html" |
| >Apache Software Foundation Privacy Policy</a>. |
| </p> |
| </div> |
| </footer> |
| |
| |
| <script type="text/javascript"> |
| var link = $('a[href="' + this.location.pathname + '"]'); |
| if (link != undefined) |
| link.parents('li,ul').addClass('active'); |
| </script> |
| |
| </body> |
| </html> |