recommended apache2 redstore proxy configuration?

[ramorrismorris]

I wonder how/if people are proxying redstore through apache2. My naive way below has important drawbacks for a production web server.

I'm proxying redstore through apache2 on ubuntu linux 11.10 with proxy configuration

ProxyPass /redstore/ http://localhost:9080/ ProxyPass /query http://localhost:9080/query etc... ProxyPassReverse /redstore/ http://localhost:9080/ ProxyPassReverse /query http://localhost:9080/query etc

This works, but sacrifices things in the apache2 document root, which is unsatisfactory. It seems to be necessary because redstore.c generates the home page with document root-relative href's, such as href="/query". It should be the case that only the top-level proxy and revers proxy /redstore/ are needed, but this is not enough because ProxyPassReverse does not look into html [1].

I had a brief fling at trying to make redstore.c generate relative links, such as simply href="query" and href="./query", but at runtime something complained about "Unsupported path" or words to that effect.

Before I try [2] I wonder if someone has a better solution.

[1] "Only the HTTP response headers specifically mentioned above will be rewritten. Apache will not rewrite other response headers, nor will it rewrite URL references inside HTML pages. This means that if the proxied content contains absolute URL references, they will by-pass the proxy. A third-party module that will look inside the HTML and rewrite URL references is Nick Kew's mod_proxy_html." Referenced in: https://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypassreverse

[2 ]http://apache.webthing.com/mod_proxy_html/

[njh]

Hello,

I have been giving this some thought and I have decided that it is not recommended to proxy using Apache, mainly because redstore is not designed for that kind of thing.

1) it is not guaranteed to be secure (in fact I am pretty sure it isn't) - it would be bad to expose it to the world. 2) it can only process a single request at a time - there is only one process/thread 3) performance isn't great

RedStore is intended to be something that you can get up and running quickly on a development machine or used for training.

I would suggest using 4store for this type of situation. I would also recommend putting something between a triplestore and the rest of the world. If you want to allow public SPARQL querying, try using something like the EasyRdf SPARQL Query form: https://github.com/njh/easyrdf/blob/master/examples/sparql_queryform.php

Or SNORQL: https://github.com/kurtjx/SNORQL

[ramorrismorris]

Thanks for thinking about this. I had come to that conclusion myself. I did find RedStore a simple to deploy and useful exploratory testbed, but we've gained more experience and moved on. At the moment we are integrating Apache Jena Fuseki, which meets our need to invoke the same SPARQL endpoints from shell scripts, from within Java code, and from within PHP code. We've particularly been exploring SPARQLPuSH, a cool semantic Pub/Sub application of the Google PubSubHubbub protocol that lets you express a subscription as a SPARQL query and delivers an RSS notification when anything that meets the query is added to or changed in the triple store.

But RedStore definitely played a role in our education.

Thanks again Bob Morris

Robert A. Morris

Emeritus Professor  of Computer Science UMASS-Boston 100 Morrissey Blvd Boston, MA 02125-3390

IT Staff Filtered Push Project Harvard University Herbaria Harvard University

web: http://efg.cs.umb.edu/ web: http://etaxonomy.org/mw/FilteredPush

http://www.cs.umb.edu/~ram

The content of this communication is made entirely on my own behalf and in no way should be deemed to express official positions of The University of Massachusetts at Boston or Harvard University.

On Sat, Jun 16, 2012 at 6:29 AM, Nicholas Humfrey reply@reply.github.com wrote:

Hello,

I have been giving this some thought and I have decided that it is not recommended to proxy using Apache, mainly because redstore is not designed for that kind of thing.

1) it is not guaranteed to be secure (in fact I am pretty sure it isn't) - it would be bad to expose it to the world. 2) it can only process a single request at a time - there is only one process/thread 3) performance isn't great

RedStore is intended to be something that you can get up and running quickly on a development machine or used for training.

I would suggest using 4store for this type of situation. I would also recommend putting something between a triplestore and the rest of the world. If you want to allow public SPARQL querying, try using something like the EasyRdf SPARQL Query form: https://github.com/njh/easyrdf/blob/master/examples/sparql_queryform.php

Or SNORQL: https://github.com/kurtjx/SNORQL

---

Reply to this email directly or view it on GitHub: https://github.com/njh/redstore/issues/43#issuecomment-6372230