credentials for sesame remote_store_endpoint?

[kgeographer]

I have a Sesame 2.7.11 store I can access fine with Workbench and the Win2 client. The Win2 client respects permissions set in web.xml, so I can secure it. Can't run queries with arc2 though if any security is set. arc2 does work if I leave the store wide open.

How can I send BASIC authentication credentials? I see in ARC2_Reader.php an arc_reader_credentials array() and tried un-commenting and supplying a 'host' => 'user:pass' for the endpoint but I get 500 errors in the browser. Tried hard and failed to locate any other documentation.

any suggestions appreciated, thanks

[bnowack]

Hm, this should work... You could try accessing the endpoint with the reader directly in order to debug the authentication:

header("Content-type: text/plain; charset=utf-8");
$config = array(
    'http_accept_header' => 'Accept: */*',
    'arc_reader_credentials' => array(
        'ENDPOINT_HOST' => 'USER:PASS'
    )
);
$reader = ARC2::getComponent('Reader', $config);
$reader->activate('ENDPOINT_URL');

echo "\nformat:" . $reader->getFormat();

while ($data = $reader->readStream()) {
    echo $data;
}
$reader->closeStream();

print_r($reader->getErrors());

[kgeographer]

I've found an immediate workaround via Jeen Broekstra in using Tomcat web.xml constraints to prevent write/delete calls made via REST. I can use Sesame workbench and windows client (which do recognize credentials) to manage the repositories.

Still, I'd feel better to harden it further, so I will give this a try soon.

thanks

[k00ni]

Hi @kgeographer, any news here? Issue seems solved to me.