Browse Prior Art Database

A REST Web Service for Templating Database Queries

IP.com Disclosure Number: IPCOM000235432D
Publication Date: 2014-Feb-27
Document File: 4 page(s) / 67K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a template approach to make database queries reusable in web applications.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 43% of the total text.

Page 01 of 4

A REST Web Service for Templating Database Queries

Data is often published on the web in a form that can be queried using powerful query languages such as Structured Query Language (SQL) and SPARQL Protocol and Resource Description Framework (RDF) Query Language (SPARQL). However, writing useful, efficient queries often requires a deep knowledge of the underlying data model and the physical storage method of that data model .

It is therefore highly desirable to have skilled database developers write and publish black-box queries that can be parameterized by application developers or end users. This way, the query user is shielded from the details of the query and only knowledge of the parameters is required. The result is a simpler web application. This also enables the query to be transparently updated if a better query structure is found or if the physical database design changes.

The system described herein solves the problem of making database queries more reusable in web applications.

The standard approach for parameterizing SQL queries is to use host variables . There is no standard for SPARQL queries.

SQL host variables represent single data values, only used in certain well-defined places within an SQL statement; there can be no dynamic alteration of the structure of the SQL statement. One common use case is to test a data item for membership in a variable-length list of literal data values that are selected by a user at runtime .

In the case of SPARQL, a previously disclosed a solution supported runtime parameters using the Rational Reportable Representational State Transfer (REST) specification. This approach allows the result set to be filtered using Extensible Markup Language Path Language (XPath) expressions. The latter were automatically translated into SPARQL FILTER clauses, which were appended to the

end of the query. Although this produces a correct result, the performance is in many cases far less than that which would have been written by a skilled human. Furthermore, in practice, users require the ability to inject arbitrary runtime parameters into the body of SPARQL queries. This motivated the adoption of a general-purpose template language.

The core idea is three-fold:

1. Use a full-featured source code templating language to define query templates

2. Provide default values for all template variables such that the result of using the default value in the template results in a valid query

3. Use Hypertext Transfer Protocol (HTTP) query parameters to assign runtime values to the template variables such that the result of applying the runtime value (or, if no runtime value is provided, then the default value) to the template results in a valid query

The use of general templates exposes queries to the risk of injection of malicious query fragments by attackers. In order to address this risk, the web service can be configured to use authentication. Furthermore, the invented system includes a

1


Page 02 of 4

featur...