RDF and OLS
858683 May 6 2011 — edited May 9 2011
Hi, I need to secure some predicates in my model. I use Resource-Level Security.
I've got three users: admin can read and write everything, doctor can read secured predicates, and researcher can't read secured predicates. I store the application table in Venca's schema (privileged user). My steps are:
1. I create user Venca and users admin, doctor, researcher
create user venca identified by pass; -- other users are created the same way
grant create session, resource to venca,admin, doctor, researcher;
2. I create policy pravidlo
execute SA_SYSDBA.CREATE_POLICY ('pravidlo', 'CTXT1');
and levels:
EXEC sa_components.create_level ('pravidlo', 1001,'P','Public Level');
EXEC sa_components.create_level ('pravidlo', 2001,'C','Confidential Level');
EXEC sa_components.create_level ('pravidlo', 3001,'S','Sensitive Level');
and labels:
EXEC sa_label_admin.create_label('pravidlo', '10000','S', TRUE);
EXEC sa_label_admin.create_label('pravidlo', '10100','P', TRUE);
EXEC sa_label_admin.create_label('pravidlo', '10200','C', TRUE);
and set privileges:
execute SA_USER_ADMIN.SET_USER_PRIVS('pravidlo','admin_u','FULL'); -- admin full access
execute SA_USER_ADMIN.SET_USER_PRIVS('pravidlo','venca','FULL'); -- venca full access
execute sa_user_admin.set_user_labels('pravidlo','venca','S','S','P','S','P'); -- I set levels for Venca because he imports RDFs from a file using a Jena-based program and I want to set all resources to label P - Public.
execute sa_user_admin.set_user_labels('pravidlo','doctor_u','P','P','P','P','P');
execute sa_user_admin.set_user_labels('pravidlo','research_u','S','S','P','S','P');
and apply policy:
execute SEM_RDFSA.APPLY_OLS_POLICY('pravidlo',sem_rdfsa.SECURE_PREDICATE);
and here is the problem: I want to set the label of the predicate http://mysample.com/ontology/onto.owl#secThing to level S (Sensitive level).
I use statement:
execute sem_rdfsa.set_predicate_label('model', '<http://mysample.com/ontology/onto.owl#secThing>', 'S');
but there is a problem with the part "onto.owl" - the dot causes an error report (I translated it to English):
ORA-55359: unauthorized operation with policy PRAVIDLO - AVPT-12406
ORA-06512: on "MDSYS.SEM_RDFSA", line 595
ORA-06512: on line 1
If I try deleting the dot, the statement is executed with no errors. How should I enter the predicate URI? In SPARQL I use a prefix for http://mysample.com/ontology/onto.owl#, but I think here I have to enter the whole URI.
My other questions:
1) Is there a way to read the labels of all resources and predicates? (I don't know if their labels are set correctly on import.)
2) What is the right order of actions - import data to model, apply policy, set predicate label?
3) How can I set label 'P' to all predicates and resources?
Thanks for your answers.