Awesome
<div align="center"> <a href="https://github.com/arces-wot/SEPA"> <img width="300px" src="./doc/logo.png"> </a> <br> <br> <a href="https://travis-ci.org/arces-wot/SEPA"> <img src="https://travis-ci.org/arces-wot/SEPA.svg?branch=master"> </a> <a href="https://bintray.com/arces-wot/sepa-java-libs/client-api"> <img src="https://img.shields.io/badge/client%20api-latest-cyan.svg"> </a> <a href="https://github.com/arces-wot/SEPA/releases"> <img src="https://img.shields.io/github/downloads/arces-wot/SEPA/total.svg?colorB=blue"> </a> <a href="https://github.com/arces-wot/SEPA/tree/dev"> <img src="https://img.shields.io/badge/unstable-dev-violet.svg"> </a> <a href="https://gitter.im/sepa_dev/Lobby#"> <img src="https://img.shields.io/badge/chat-on%20gitter-red.svg"> </a> <br> <a href="https://www.gnu.org/licenses/gpl-3.0"> <img src="https://img.shields.io/badge/License-GPLv3-blue.svg"> </a> <a href="hhttps://www.gnu.org/licenses/lgpl-3.0"> <img src="https://img.shields.io/badge/License-LGPL%20v3-blue.svg"> </a> </div>Table of Contents
Introduction
SEPA (SPARQL Event Processing Architecture) is a publish-subscribe architecture designed to support information level interoperability. The architecture is built on top of generic SPARQL endpoints (conformant with SPARQL 1.1 protocol) where publishers and subscribers use standard SPARQL 1.1 Updates and Queries. Notifications about events (i.e., changes in the RDF knowledge base) are expressed in terms of added and removed SPARQL binding results since the previous notification. To know more about SEPA architecture and vision please refer to this paper. SEPA proposal has been formalized in the following unofficial dratfs:
- SPARQL Event Processing Architecture (SEPA) contribute here
- SPARQL 1.1 Secure Event Protocol contribute here
- SPARQL 1.1 Subscribe Language contribute here
- JSON SPARQL Application Profile (JSAP) contribute here
Demo
Quick start
-
Download the SEPA Engine and run it:
java -jar engine-x.y.z.jar
-
Download Blazegraph (or use any other SPARQL 1.1 Protocol compliant service) and run it as shown here
-
Use the SEPA Playground to check basic functionalities of the engine.
For Hackers 💻👩💻👨💻
<a href="https://asciinema.org/a/251211"> <img width="300px" src="https://asciinema.org/a/251211.svg"> </a>Configuration
The SEPA engine can be used with different SPARQL endpoints which must support SPARQL 1.1 protocol. The endpoint can be configured using
a JSON file endpoint.jpar
. Furthermore, the engine has various parameters that can be used to configure the standard behavior; they
can be set using another JSON file called engine.jpar
.
In the repository, you will find some versions of endpoint-{something}.jpar
file. According to your underlying SPARQL endpoint, you have to rename the correct file to endpoint.jpar
.
The default version of endpoint.jpar
configures the engine to use use a local running instance of Blazegraph as SPARQL 1.1 Protocol Service.
{
"host":"localhost",
"sparql11protocol":{
"protocol":"http",
"port":9999,
"query":{
"path":"/blazegraph/namespace/kb/sparql",
"method":"POST",
"format":"JSON"},
"update":{
"path":"/blazegraph/namespace/kb/sparql",
"method":"POST",
"format":"JSON"}}}
The default version of engine.jpar
configures the engine to listen for incoming SPARQL 1.1 SE Protocol requests at the following URLs:
- Query: http://localhost:8000/query
- Update: http://localhost:8000/update
- Subscribe/Unsubscribe: ws://localhost:9000/subscribe
- SECURE Query: https://localhost:8443/secure/query
- SECURE Update: https://localhost:8443/secure/update
- SECURE Subscribe/Unsubscribe: wss://localhost:9443/secure/subscribe
- Regitration: https://localhost:8443/oauth/register
- Token request: https://localhost:8443/oauth/token
{"parameters":{
"scheduler":{
"queueSize":100,
"timeout":5000},
"processor":{
"updateTimeout":5000,
"queryTimeout":5000,
"maxConcurrentRequests":5,
"reliableUpdate":true},
"spu":{"timeout":5000},
"gates":{
"security":{
"tls":false,
"enabled":false,
"type":"local"},
"paths":{
"secure":"/secure",
"update":"/update",
"query":"/query",
"subscribe":"/subscribe",
"unsubscribe":"/unsubscribe",
"register":"/oauth/register",
"tokenRequest":"/oauth/token"},
"ports":{
"http":8000,
"https":8443,
"ws":9000,
"wss":9443}}}}
Logging
SEPA uses log4j2 by Apache. A default configuration is stored in the file log4j2.xml provided with the distribution. If the file resides in the engine folder, but it is not used, add the following JVM directive to force using it:
java -Dlog4j.configurationFile=./log4j2.xml
-jar engine-x.y.z.jar
Security
By default, the engine implements a simple in-memory OAuth 2.0 client-credential flow. It uses a JKS for storing the keys and certificates for SSL and JWT signing/verification. A default sepa.jks
is provided including a single X.509 certificate (the password for both the store and the key is: sepa2017
). If you face problems using the provided JKS, please delete the sepa.jks
file and create a new one as follows: keytool -genkey -keyalg RSA -alias sepakey -keystore sepa.jks -storepass sepa2017 -validity 360 -keysize 2048
Run java -jar engine-x.y.z.jar -help
for a list of options. The Java Keytool can be used to create, access and modify a JKS.
SEPA also implements other two security mechanisms:
- LDAP: it extends the default one by storing clients's information into an LDAP server (tested with Apache Directory)
- KEYCLOAK: authentication based on OpenID Connect in managed by Keycloak
Security is configured within the engine.jpar
as follows:
{"gates":{
"security":{
"tls": false,
"enabled": true,
"type": "local"
}}}
where
type
can assume one of the following values:local
,ldap
,keycloak
tls
is used whentype
=ldap
to enable or not LDAP StartTLS
JMX monitoring
The SEPA engine is also distributed with a default JMX configuration jmx.properties
(including the jmxremote.password
and jmxremote.access
files for password and user grants). Remember to change password file permissions using: chmod 600 jmxremote.password
. To enable remote JMX, the engine must be run as follows: java -Dcom.sun.management.config.file=jmx.properties -jar engine-x.y.z.jar
. Using jconsole
is possible to monitor and control the most important engine parameters. By default, the port is 5555
and the root:root
credentials grant full control (read/write).
Usage
The SEPA engine can be configured from the command line. Run java -jar engine-x.y.z.jar -help
for the list of available settings.
java [JMX] [JVM] [LOG4J] -jar SEPAEngine_X.Y.Z.jar [-help] [-secure=true] [-engine=engine.jpar] [-endpoint=endpoint.jpar] [JKS OPTIONS] [LDAP OPTIONS] [ISQL OPTIONS]
secure
: overwrite the current secure option of engine.jparengine
: can be used to specify the JSON configuration parameters for the engine (default: engine.jpar)endpoint
: can be used to specify the JSON configuration parameters for the endpoint (default: endpoint.jpar)help
: to print this help
[JMX]
Dcom.sun.management.config.file=jmx.properties
: to enable JMX remote managment
[JVM]
XX:+UseG1GC
[LOG4J]
Dlog4j.configurationFile=path/to/log4j2.xml
[JKS OPTIONS]
sslstore
<jks> : JKS for SSL CA (default: ssl.jks)sslpass
<pwd> : password of the JKS (default: sepastore)jwtstore
<jks> : JKS for the JWT key (default: jwt.jks)jwtalias
<alias> : alias for the JWT key (default: jwt)jwtstorepass
<pwd> : password for the JKS (default: sepakey)jwtaliaspass
<pwd> : password for the JWT key (default: sepakey)
[LDAP OPTIONS]
ldaphost
<name> : host (default: localhost)ldapport
<port> : port (default: 10389)ldapdn
<dn> : domain (default: dc=sepatest,dc=com)ldapusersdn
<dn> : domain (default: null)ldapuser
<usr> : username (default: null)ldappwd
<pwd> : password (default: null)
[ISQL OPTIONS]
isqlpath
<path> : location of isql (default: /usr/local/virtuoso-opensource/bin/)isqlhost
<host> : host of Virtuoso (default: localhost)isqluser
<user> : user of Virtuoso (default: dba)isqlpass
<pass> : password of Virtuoso (default: dba)
Contributing
You are very welcome to be part of SEPA community. If you find any bug feel free to open an issue here on GitHub, but also feel free to ask any question. For more details check Contributing guidelines. Besides, if you want to help the SEPA development follow this simple steps:
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Check some IDE specific instruction below
- Do your stuff
- Provide tests for your features if applicable
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Pull request with unit tests have an higher likelihood to be accepted, but we are not to restrictive. So do not be afraid to send your contribution!
Clone in Eclipse
There is no particular restriction in your IDE choice. Here we provide a short guide to import the GitHub cloned project inside Eclipse. Any other IDEs work fine.
- Open Eclipse
- File > Import > Maven
- Choose "Check out Maven Projects from SCM"
- In the field SCM URL choose 'git' and add the clone address from Github. If 'git' is not found, tap into "Find more SCM connectors in the m2e Marketplace"
- go on... The project is cloned. Enjoy!
Build with Maven
SEPA engine is a Maven project composed by two sub-projects:
- Client-api
- Engine
As first, you need to build client-api skipping JUnit tests:
mvn install -DskipTests
In fact, clien-api JUnit tests include integration tests that require a SEPA engine running
Then you can build the engine with this command:
mvn install
That create an executable inside the target directory. To know more about Maven please refer to the official documentation.
History
SEPA has been inspired and influenced by Smart-M3. SEPA authors have been involved in the development of Smart-M3 since its origin.
The main differences beetween SEPA and Smart-M3 are the protocol (now compliant with the SPARQL 1.1 Protocol) and the introduction of a security layer (based on TLS and JSON Web Token for client authentication).
All the SEPA software components have been implemented from scratch.
Credits
SEPA stands for SPARQL Event Processing Architecture. SEPA is promoted and maintained by the Dynamic linked data and Web of Things Research Group @ ARCES, the Advanced Research Center on Electronic Systems "Ercole De Castro" of the University of Bologna.
License
SEPA Engine is released under the GNU GPL, SEPA APIs are released under the GNU LGPL