Security in an R Shiny Application

前端 未结 6 1575
说谎
说谎 2021-01-29 23:54

I want to publish an R Shiny web application (http://www.rstudio.com/shiny/) on the web, but I want to password protect it so that only people with credentials can view what I h

6条回答
  •  有刺的猬
    2021-01-30 00:24

    This might be a little late but I am going to answer anyways. If you have already got a solution, can you please share it with us?

    My primary aim was very simple. I had a working version of shiny app on my laptop. I used to run it as mentioned below, all the while for testing locally.

    R -e "shiny::runApp('.')"
    

    Then came the moment when we had to put this on out on an Amazon EC2 instance.

    At first my attempt was to directly proxy apache to port 8100 on which my app would listen to. But that didn't work that well as it appears that running the server in this manner actually uses raw sockets where as using a shiny-server falls back to using sock.js hence the communication is now over HTTP instead.

    So downloaded the shiny-server app on our EC2 instance by following the instructions here: https://github.com/rstudio/shiny-server

    Btw, though the instructions there recommend you install node.js from source if you are using a RHEL instance, it worked pretty well for me by going the yum install way. You have those instructions here.

    Following the node.js, shiny-server installation & setup, edited my Apache conf (Ubuntu and RHEL call the conf differently. Hence edit the one you have). Added a virtual host to service my requests. And as you can notice, also masked it with a Apache Basic digest Auth with the Apache Location directive.

    
    
        ProxyPass / http://localhost:3838/
        ProxyPassReverse / http://localhost:3838/
        ProxyPreserveHost On
    
        
            AuthType Basic
            AuthName "Restricted Access - Authenticate"
            AuthUserFile /etc/httpd/htpasswd.users
            Require valid-user
        
    
    
    

    Apart from this also edited the shiny-server conf to listen to request from 127.0.0.1 only (localhost only). So in my shiny-server I have the following:

    listen 3838 127.0.0.1;
    

    Btw, you wouldn't need this if you are in an Amazon EC2 environment as you can use the security-group setting in your EC2 dashboard to do the same. I did this anyway as a good measure.

    This, for now, is enough as we were looking for something very quick & simple.

    Now desperately waiting for the awesome RShiny folks to provide auth as a part of the enterprise edition deal.

    Hope this helps.

提交回复
热议问题