| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| |
| |
| <title>Apache Jena - HTTP Authentication</title> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> |
| |
| <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen"> |
| <link href="/css/bootstrap-icons.css" rel="stylesheet" media="screen"><link rel="stylesheet" type="text/css" href="https://jena.apache.org/sass/jena.1b17c39a117e22b46db4c66f6395dc27c134a60377d87d2d5745b8600eb69722.css" integrity="sha256-GxfDmhF+IrRttMZvY5XcJ8E0pgN32H0tV0W4YA62lyI="> |
| <link rel="shortcut icon" href="/images/favicon.ico" /> |
| |
| </head> |
| |
| <body> |
| |
| <nav class="navbar navbar-expand-lg bg-body-tertiary" role="navigation"> |
| <div class="container"> |
| <div class="navbar-header"> |
| <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation"> |
| <span class="navbar-toggler-icon"></span> |
| </button> |
| <a class="navbar-brand" href="/index.html"> |
| <img class="logo-menu" src="/images/jena-logo/jena-logo-notext-small.png" alt="jena logo">Apache Jena</a> |
| </div> |
| |
| <div class="collapse navbar-collapse" id="navbarNav"> |
| <ul class="navbar-nav me-auto mb-2 mb-lg-0"> |
| <li id="homepage" class="nav-item"><a class="nav-link" href="/index.html"><span class="bi-house"></span> Home</a></li> |
| <li id="download" class="nav-item"><a class="nav-link" href="/download/index.cgi"><span class="bi-download"></span> Download</a></li> |
| <li class="nav-item dropdown"> |
| <a href="#" class="nav-link dropdown-toggle" role="button" data-bs-toggle="dropdown" aria-expanded="false"><span class="bi-journal"></span> Learn <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li class="dropdown-header">Tutorials</li> |
| <li><a class="dropdown-item" href="/tutorials/index.html">Overview</a></li> |
| <li><a class="dropdown-item" href="/documentation/fuseki2/index.html">Fuseki Triplestore</a></li> |
| <li><a class="dropdown-item" href="/documentation/notes/index.html">How-To's</a></li> |
| <li><a class="dropdown-item" href="/documentation/query/manipulating_sparql_using_arq.html">Manipulating SPARQL using ARQ</a></li> |
| <li><a class="dropdown-item" href="/tutorials/rdf_api.html">RDF core API tutorial</a></li> |
| <li><a class="dropdown-item" href="/tutorials/sparql.html">SPARQL tutorial</a></li> |
| <li><a class="dropdown-item" href="/tutorials/using_jena_with_eclipse.html">Using Jena with Eclipse</a></li> |
| <li class="dropdown-divider"></li> |
| <li class="dropdown-header">References</li> |
| <li><a class="dropdown-item" href="/documentation/index.html">Overview</a></li> |
| <li><a class="dropdown-item" href="/documentation/query/index.html">ARQ (SPARQL)</a></li> |
| <li><a class="dropdown-item" href="/documentation/io/">RDF I/O</a></li> |
| <li><a class="dropdown-item" href="/documentation/assembler/index.html">Assembler</a></li> |
| <li><a class="dropdown-item" href="/documentation/tools/index.html">Command-line tools</a></li> |
| <li><a class="dropdown-item" href="/documentation/rdfs/">Data with RDFS Inferencing</a></li> |
| <li><a class="dropdown-item" href="/documentation/geosparql/index.html">GeoSPARQL</a></li> |
| <li><a class="dropdown-item" href="/documentation/inference/index.html">Inference API</a></li> |
| <li><a class="dropdown-item" href="/documentation/ontology/">Ontology API</a></li> |
| <li><a class="dropdown-item" href="/documentation/permissions/index.html">Permissions</a></li> |
| <li><a class="dropdown-item" href="/documentation/extras/querybuilder/index.html">Query Builder</a></li> |
| <li><a class="dropdown-item" href="/documentation/rdf/index.html">RDF API</a></li> |
| <li><a class="dropdown-item" href="/documentation/rdfconnection/">RDF Connection - SPARQL API</a></li> |
| <li><a class="dropdown-item" href="/documentation/rdfstar/index.html">RDF-star</a></li> |
| <li><a class="dropdown-item" href="/documentation/shacl/index.html">SHACL</a></li> |
| <li><a class="dropdown-item" href="/documentation/shex/index.html">ShEx</a></li> |
| <li><a class="dropdown-item" href="/documentation/tdb/index.html">TDB</a></li> |
| <li><a class="dropdown-item" href="/documentation/tdb2/index.html">TDB2</a></li> |
| <li><a class="dropdown-item" href="/documentation/query/text-query.html">Text Search</a></li> |
| </ul> |
| </li> |
| |
| <li class="nav-item dropdown"> |
| <a href="#" class="nav-link dropdown-toggle" role="button" data-bs-toggle="dropdown" aria-expanded="false"><span class="bi-journal-code"></span> Javadoc <b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a class="dropdown-item" href="/documentation/javadoc.html">All Javadoc</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/arq/">ARQ</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/fuseki2/">Fuseki</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/geosparql/">GeoSPARQL</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/jena/">Jena Core</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/permissions/">Permissions</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/extras/querybuilder/">Query Builder</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/shacl/">SHACL</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/tdb/">TDB</a></li> |
| <li><a class="dropdown-item" href="/documentation/javadoc/text/">Text Search</a></li> |
| </ul> |
| </li> |
| </ul> |
| <form class="d-flex" role="search" action="/search" method="GET"> |
| <div class="input-group"> |
| <input class="form-control border-end-0 border m-0" type="search" name="q" id="search-query" placeholder="Search...." aria-label="Search" style="width: 10rem;"> |
| <button class="btn btn-outline-secondary border-start-0 border" type="submit"> |
| <i class="bi-search"></i> |
| </button> |
| </div> |
| </form> |
| <ul class="navbar-nav"> |
| <li id="ask" class="nav-item"><a class="nav-link" href="/help_and_support/index.html" title="Ask"><span class="bi-patch-question"></span><span class="text-body d-none d-xxl-inline"> Ask</span></a></li> |
| |
| <li class="nav-item dropdown"> |
| <a href="#" title="Get involved" class="nav-link dropdown-toggle" role="button" data-bs-toggle="dropdown" aria-expanded="false"><span class="bi-megaphone"></span><span class="text-body d-none d-xxl-inline"> Get involved </span><b class="caret"></b></a> |
| <ul class="dropdown-menu"> |
| <li><a class="dropdown-item" href="/getting_involved/index.html">Contribute</a></li> |
| <li><a class="dropdown-item" href="/help_and_support/bugs_and_suggestions.html">Report a bug</a></li> |
| <li class="dropdown-divider"></li> |
| <li class="dropdown-header">Project</li> |
| <li><a class="dropdown-item" href="/about_jena/about.html">About Jena</a></li> |
| <li><a class="dropdown-item" href="/about_jena/architecture.html">Architecture</a></li> |
| <li><a class="dropdown-item" href="/about_jena/citing.html">Citing</a></li> |
| <li><a class="dropdown-item" href="/about_jena/team.html">Project team</a></li> |
| <li><a class="dropdown-item" href="/about_jena/contributions.html">Related projects</a></li> |
| <li><a class="dropdown-item" href="/about_jena/roadmap.html">Roadmap</a></li> |
| <li><a class="dropdown-item" href="/about_jena/security-advisories.html">Security Advisories</a></li> |
| <li class="dropdown-divider"></li> |
| <li class="dropdown-header">ASF</li> |
| <li><a class="dropdown-item" href="https://www.apache.org/">Apache Software Foundation</a></li> |
| <li><a class="dropdown-item" href="https://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li> |
| <li><a class="dropdown-item" href="https://www.apache.org/licenses/LICENSE-2.0">License</a></li> |
| <li><a class="dropdown-item" href="https://www.apache.org/security/">Security</a></li> |
| <li><a class="dropdown-item" href="https://www.apache.org/foundation/thanks.html">Thanks</a></li> |
| </ul> |
| </li> |
| |
| |
| |
| |
| <li class="nav-item" id="edit"><a class="nav-link" href="https://github.com/apache/jena-site/edit/main/source/documentation/sparql-apis/http-auth.md" title="Edit this page on GitHub"><span class="bi-pencil-square"></span><span class="text-body d-none d-xxl-inline"> Edit this page</span></a></li> |
| </ul> |
| </div> |
| </div> |
| </nav> |
| |
| <div class="container"> |
| <div class="row"> |
| <div class="col-md-12"> |
| |
| <div id="breadcrumbs"> |
|
|
|
|
|
|
|
|
|
|
|
|
| <ol class="breadcrumb mt-4 p-2 bg-body-tertiary">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li class="breadcrumb-item"><a href='/documentation'>DOCUMENTATION</a></li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li class="breadcrumb-item"><a href='/documentation/sparql-apis'>SPARQL APIS</a></li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| <li class="breadcrumb-item active">HTTP AUTH</li>
|
|
|
|
|
|
|
|
|
| </ol>
|
|
|
|
|
|
|
| |
| </div> |
| <h1 class="title">HTTP Authentication</h1> |
| |
| |
| <main class="d-flex flex-xl-row flex-column"> |
| |
| <aside class="text-muted align-self-start mb-3 p-0 d-xl-none d-block"> |
| <h2 class="h6 sticky-top m-0 p-2 bg-body-tertiary">On this page</h2> |
| <nav id="TableOfContents"> |
| <ul> |
| <li><a href="#auth">Authentication</a> |
| <ul> |
| <li><a href="#jdk-httpclientauthenticator">JDK HttpClient.authenticator</a></li> |
| <li><a href="#challenge-registration">Challenge registration</a></li> |
| <li><a href="#ttservicett"><tt>SERVICE</tt></a></li> |
| </ul> |
| </li> |
| <li><a href="#authentication-examples">Authentication Examples</a></li> |
| <li><a href="#bearer-authentication">Bearer Authentication</a></li> |
| </ul> |
| </nav> |
| </aside> |
| <article class="flex-column me-lg-4"> |
| <p><i><a href="../archive/versions/http-auth-old.html">Old documentation</a> (Jena 3.1.1 to Jena 4.2.0)</i></p> |
| <p>Jena 4.3.0 and later uses the JDK <code>java.net.http</code> package. Jena adds API support |
| for challenge-based authentication and also provide HTTP digest authentication.</p> |
| <h2 id="auth">Authentication</h2> |
| <p>There are 5 variations:</p> |
| <ol> |
| <li>Basic authentication</li> |
| <li>Challenge-Basic authentication</li> |
| <li>Challenge-Digest authentication</li> |
| <li>URL user (that is, <code>user@host.net</code> in the URL)</li> |
| <li>URL user and password in the URL (that is, <code>user:password@host.net</code> in the URL)</li> |
| </ol> |
| <p>Basic authentication occurs where the app provides the user and password |
| information to the JDK <code>HttpClient</code> and that information is always used when |
| sending HTTP requests with that <code>HttpClient</code>. It does not require an initial |
| request-challenge-resend to initiate. This is provided natively by the <code>java.net.http</code> |
| JDK code. See <code>HttpClient.newBuilder().authenticate(...)</code>.</p> |
| <p>Challenge based authentication, for “basic” or “digest”, are provided by Jena. |
| The challenge happens on the first contact with the remote endpoint and the |
| server returns a 401 response with an HTTP header saying which style of |
| authentication is required. There is a registry of users name and password for |
| endpoints which is consulted and the appropriate |
| <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization"><code>Authorization:</code></a> |
| header is generated then the request resent. If no registration matches, the 401 |
| is passed back to the application as an exception.</p> |
| <p>Because it is a challenge response to a request, the request must be sent twice, |
| first to trigger the challenge and then again with the HTTP authentication |
| information. To make this automatic, the first request must not be a streaming |
| request (the stream is not repeatable). All HTTP request generated by Jena are |
| repeatable.</p> |
| <p>The URL can contain a <code>userinfo</code> part, either the <code>users@host</code> form, or the |
| <code>user:password@host</code> form. If just the user is given, the authentication |
| environment is consulted for registered users-password information. If user and |
| password is given, the details as given are used. This latter form is not |
| recommended and should only be used if necessary because the password is |
| in-clear in the SPARQL query.</p> |
| <p>Jena also has <a href="#bearer-authentication">support for bearer authentication</a>.</p> |
| <h3 id="jdk-httpclientauthenticator">JDK HttpClient.authenticator</h3> |
| <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> <span style="color:#080;font-style:italic">// Basic or Digest - determined when the challenge happens. |
| </span></span></span><span style="display:flex;"><span><span style="color:#080;font-style:italic"></span> AuthEnv<span style="color:#666">.</span><span style="color:#b44">get</span><span style="color:#666">().</span><span style="color:#b44">registerUsernamePassword</span><span style="color:#666">(</span>URI<span style="color:#666">.</span><span style="color:#b44">create</span><span style="color:#666">(</span>dataURL<span style="color:#666">),</span> <span style="color:#b44">"user"</span><span style="color:#666">,</span> <span style="color:#b44">"password"</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#a2f;font-weight:bold">try</span> <span style="color:#666">(</span> QueryExecution qExec <span style="color:#666">=</span> QueryExecutionHTTP<span style="color:#666">.</span><span style="color:#b44">service</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">endpoint</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">queryString</span><span style="color:#666">(</span><span style="color:#b44">"ASK{}"</span><span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">build</span><span style="color:#666">())</span> <span style="color:#666">{</span> |
| </span></span><span style="display:flex;"><span> qExec<span style="color:#666">.</span><span style="color:#b44">execAsk</span><span style="color:#666">();</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">}</span> |
| </span></span></code></pre></div><p>alternatively, the java platform provides basic authentication. |
| This is not challenge based - any request sent using a <code>HttpClient</code> configured |
| with an authenticator will include the authentication details. |
| (Caution - including sending username/password to the wrong site!). |
| Digest authentication must use <code>AuthEnv.get().registerUsernamePassword</code>.</p> |
| <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> Authenticator authenticator <span style="color:#666">=</span> AuthLib<span style="color:#666">.</span><span style="color:#b44">authenticator</span><span style="color:#666">(</span><span style="color:#b44">"user"</span><span style="color:#666">,</span> <span style="color:#b44">"password"</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> HttpClient httpClient <span style="color:#666">=</span> HttpClient<span style="color:#666">.</span><span style="color:#b44">newBuilder</span><span style="color:#666">()</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">authenticator</span><span style="color:#666">(</span>authenticator<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">build</span><span style="color:#666">();</span> |
| </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> <span style="color:#080;font-style:italic">// Use with RDFConnection |
| </span></span></span><span style="display:flex;"><span><span style="color:#080;font-style:italic"></span> <span style="color:#a2f;font-weight:bold">try</span> <span style="color:#666">(</span> RDFConnection conn <span style="color:#666">=</span> RDFConnectionRemote<span style="color:#666">.</span><span style="color:#b44">service</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">httpClient</span><span style="color:#666">(</span>httpClient<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">build</span><span style="color:#666">())</span> <span style="color:#666">{</span> |
| </span></span><span style="display:flex;"><span> conn<span style="color:#666">.</span><span style="color:#b44">queryAsk</span><span style="color:#666">(</span><span style="color:#b44">"ASK{}"</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">}</span> |
| </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> <span style="color:#a2f;font-weight:bold">try</span> <span style="color:#666">(</span> QueryExecution qExec <span style="color:#666">=</span> QueryExecutionHTTP<span style="color:#666">.</span><span style="color:#b44">service</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">httpClient</span><span style="color:#666">(</span>httpClient<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">endpoint</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">queryString</span><span style="color:#666">(</span><span style="color:#b44">"ASK{}"</span><span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">build</span><span style="color:#666">())</span> <span style="color:#666">{</span> |
| </span></span><span style="display:flex;"><span> qExec<span style="color:#666">.</span><span style="color:#b44">execAsk</span><span style="color:#666">();</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">}</span> |
| </span></span></code></pre></div><h3 id="challenge-registration">Challenge registration</h3> |
| <p><code>AuthEnv</code> maintains a registry of credentials and also a registry of which service URLs |
| the credentials should be used. It supports registration of endpoint prefixes so that one |
| registration will apply to all URLs starting with a common root.</p> |
| <p>The main function is <code>AuthEnv.get().registerUsernamePassword</code>.</p> |
| <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> <span style="color:#080;font-style:italic">// Application setup code |
| </span></span></span><span style="display:flex;"><span><span style="color:#080;font-style:italic"></span> AuthEnv<span style="color:#666">.</span><span style="color:#b44">get</span><span style="color:#666">().</span><span style="color:#b44">registerUsernamePassword</span><span style="color:#666">(</span><span style="color:#b44">"username"</span><span style="color:#666">,</span> <span style="color:#b44">"password"</span><span style="color:#666">);</span> |
| </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> <span style="color:#666">...</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#a2f;font-weight:bold">try</span> <span style="color:#666">(</span> QueryExecution qExec <span style="color:#666">=</span> QueryExecutionHTTP<span style="color:#666">.</span><span style="color:#b44">service</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">endpoint</span><span style="color:#666">(</span>dataURL<span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">queryString</span><span style="color:#666">(</span><span style="color:#b44">"ASK{}"</span><span style="color:#666">)</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">.</span><span style="color:#b44">build</span><span style="color:#666">())</span> <span style="color:#666">{</span> |
| </span></span><span style="display:flex;"><span> qExec<span style="color:#666">.</span><span style="color:#b44">execAsk</span><span style="color:#666">();</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">}</span> |
| </span></span></code></pre></div><p>When an HTTP 401 response with an <code>WWW-Authenticate</code> header is received, the Jena http handling code |
| will will look for a suitable authentication registration (exact or longest prefix), and retry the |
| request. If it succeeds, a modifier is installed so all subsequent request to the same endpoint will |
| have the authentication header added and there is no challenge round-trip.</p> |
| <h3 id="ttservicett"><tt>SERVICE</tt></h3> |
| <p>The same mechanism is used for the URL in a SPARQL <code>SERVICE</code> clause. If there is a 401 challenge, |
| the registry is consulted and authentication applied.</p> |
| <p>In addition, if the SERVICE URL has a username as the <code>userinfo</code> (that is, <code>https://users@some.host/...</code>), |
| that user name is used to look in the authentication registry.</p> |
| <p>If the <code>userinfo</code> is of the form “username:password” then the information as given in the URL is |
| used.</p> |
| <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-java" data-lang="java"><span style="display:flex;"><span> AuthEnv<span style="color:#666">.</span><span style="color:#b44">get</span><span style="color:#666">().</span><span style="color:#b44">registerUsernamePassword</span><span style="color:#666">(</span>URI<span style="color:#666">.</span><span style="color:#b44">create</span><span style="color:#666">(</span><span style="color:#b44">"http://host/sparql"</span><span style="color:#666">),</span> <span style="color:#b44">"u"</span><span style="color:#666">,</span> <span style="color:#b44">"p"</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#080;font-style:italic">// Registration applies to SERVICE. |
| </span></span></span><span style="display:flex;"><span><span style="color:#080;font-style:italic"></span> Query query <span style="color:#666">=</span> QueryFactory<span style="color:#666">.</span><span style="color:#b44">create</span><span style="color:#666">(</span><span style="color:#b44">"SELECT * { SERVICE <http://host/sparql> { ?s ?p ?o } }"</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#a2f;font-weight:bold">try</span> <span style="color:#666">(</span> QueryExecution qExec <span style="color:#666">=</span> QueryExecution<span style="color:#666">.</span><span style="color:#b44">create</span><span style="color:#666">().</span><span style="color:#b44">query</span><span style="color:#666">(</span>query<span style="color:#666">).</span><span style="color:#b44">dataset</span><span style="color:#666">(...).</span><span style="color:#b44">build</span><span style="color:#666">()</span> <span style="color:#666">)</span> <span style="color:#666">{</span> |
| </span></span><span style="display:flex;"><span> System<span style="color:#666">.</span><span style="color:#b44">out</span><span style="color:#666">.</span><span style="color:#b44">println</span><span style="color:#666">(</span><span style="color:#b44">"Call using SERVICE..."</span><span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> ResultSet rs <span style="color:#666">=</span> qExec<span style="color:#666">.</span><span style="color:#b44">execSelect</span><span style="color:#666">();</span> |
| </span></span><span style="display:flex;"><span> ResultSetFormatter<span style="color:#666">.</span><span style="color:#b44">out</span><span style="color:#666">(</span>rs<span style="color:#666">);</span> |
| </span></span><span style="display:flex;"><span> <span style="color:#666">}</span> |
| </span></span></code></pre></div><h2 id="authentication-examples">Authentication Examples</h2> |
| <p><a href="https://github.com/apache/jena/tree/main/jena-examples/src/main/java/arq/examples/auth">jena-examples:arq/examples/auth/</a>.</p> |
| <h2 id="bearer-authentication">Bearer Authentication</h2> |
| <p>Bearer authentication requires that the application to obtain a token to present |
| to the server.</p> |
| <ul> |
| <li><a href="https://tools.ietf.org/html/rfc6750">RFC 6750</a></li> |
| <li><a href="https://tools.ietf.org/html/rfc6751">RFC 6751</a></li> |
| <li><a href="https://tools.ietf.org/html/rfc7519">JSON Web Tokens (JWT)</a></li> |
| <li><a href="https://tools.ietf.org/html/rfc8725">JSON Web Token Best Current Practices</a></li> |
| </ul> |
| <p>How this token is obtained depends on the deployment environment.</p> |
| <p>The application can either register the token to be used:</p> |
| <pre tabindex="0"><code> AuthEnv.get().addBearerToken(targetURL, jwtString); |
| </code></pre><p>or can provide a token provider for 401 challeneges stating bearer authentication.</p> |
| <pre tabindex="0"><code> AuthEnv.get().setBearerTokenProvider( |
| (uri, challenge)->{ ... ; return jwtString; }); |
| </code></pre> |
| </article> |
| |
| <aside class="text-muted align-self-start mb-3 mb-xl-5 p-0 d-none d-xl-flex flex-column sticky-top"> |
| <h2 class="h6 sticky-top m-0 p-2 bg-body-tertiary">On this page</h2> |
| <nav id="TableOfContents"> |
| <ul> |
| <li><a href="#auth">Authentication</a> |
| <ul> |
| <li><a href="#jdk-httpclientauthenticator">JDK HttpClient.authenticator</a></li> |
| <li><a href="#challenge-registration">Challenge registration</a></li> |
| <li><a href="#ttservicett"><tt>SERVICE</tt></a></li> |
| </ul> |
| </li> |
| <li><a href="#authentication-examples">Authentication Examples</a></li> |
| <li><a href="#bearer-authentication">Bearer Authentication</a></li> |
| </ul> |
| </nav> |
| </aside> |
| </main> |
| |
| </div> |
| </div> |
| </div> |
| |
| <footer class="bd-footer py-4 py-md-5 mt-4 mt-lg-5 bg-body-tertiary"> |
| <div class="container" style="font-size:80%" > |
| <p> |
| Copyright © 2011–2024 The Apache Software Foundation, Licensed under the |
| <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>. |
| </p> |
| <p> |
| Apache Jena, Jena, the Apache Jena project logo, Apache and the Apache feather logos are trademarks of |
| The Apache Software Foundation. |
| <br/> |
| <a href="https://privacy.apache.org/policies/privacy-policy-public.html" |
| >Apache Software Foundation Privacy Policy</a>. |
| </p> |
| </div> |
| </footer> |
| |
| <script src="/js/popper.min.js.js" type="text/javascript"></script> |
| <script src="/js/bootstrap.min.js" type="text/javascript"></script> |
| <script src="/js/improve.js" type="text/javascript"></script> |
| |
| <script type="text/javascript"> |
| (function() { |
| 'use strict' |
| |
| |
| |
| const links = document.querySelectorAll(`a[href="${window.location.pathname}"]`) |
| if (links !== undefined && links !== null) { |
| for (const link of links) { |
| |
| link.classList.add('active') |
| let parentElement = link.parentElement |
| let count = 0 |
| const levelsLimit = 4 |
| |
| |
| |
| |
| |
| while (['UL', 'LI'].includes(parentElement.tagName) && count <= levelsLimit) { |
| if (parentElement.tagName === 'LI') { |
| |
| |
| |
| parentElement.querySelector('a:first-child').classList.add('active') |
| } |
| parentElement = parentElement.parentElement |
| count++ |
| } |
| } |
| } |
| })() |
| </script> |
| |
| </body> |
| </html> |