How can I prevent my OpenRDF Sesame 2.6.5 RDF storage from the modification(INSERT/DELETE) via SPARQL endpoint?
'Select' queries will be done via POST requests.
Forbid(via Apache Tomcat config. files for Sesame's WARs) the following SPARQL HTTP endpoint URLs:
http:/localhost:8080/openrdf-sesame/repositories/test/update...
and
http:/localhost:8080/openrdf-workbench/repositories/test/update... ?
You can control this kind of thing using basic HTTP authentication. See this article for a step-by-step tutorial on how to configure this in Tomcat.
The trick is to make sure that only certain authenticated users have write access to the repository. In terms of HTTP authentication that means you want to restrict access to all POST, PUT and DELETE requests on any URL patterns that correspond to modifications in the Sesame REST protocol.
SPARQL Update operations are executed as POST requests against the repositories/<REPID>/statements URL, so you will have restrict access on that pattern. In addition you will probably also want to restrict access to Graph Store protocol operations (repositories/<REPID>/rdf-graphs/*).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With