I am running a single app using shinyproxy, with two users defined in application.yml using simple authentication.
The app runs perfectly when the first user logs in and starts the app. However, when the second user logs in and tries to start the app, the message “Not authorized to access this proxy” is displayed.
Note that it is the order that the users log on that matters, both users are able to start the app individually - as long as the other user is not logged in.
My understanding (and the main reason I looked into shinyproxy) is that a second instance of the app should be launched in this situation.
Does anyone have any idea of what could be wrong? I have followed the instructions without any deviations I can think of. My application.yml below.
Hi,
I am having the exact same error, with a slight difference. In my case I only get this error if I login into different sessions using the same user. So if user1 logs in and runs the app, and then same user1 logs in from a different browser session and log in then I get this error, otherwise the app runs fine.
Are you having a different experience @Anders ?
Even then, is this behavior expected? That one user logs in once only from same session?
When user1 logs out from one of the sessions, user1 can then access the app from the other session.
Regards
Mohsen
My problem looks to have resolved itself after a reboot (yes, I know… Sorry.). @Mohsen, yes I do se that error when trying to log in twice using the same user in two different sessions. After logging the user out and than trying again the app starts as expected. I guess this behavior is expected, but perhaps an other message than “Not authorized to access this proxy” would be a good idea, e.g. “User already logged in”, or something?
This could be a bug indeed. The intended behaviour is:
If two users access the same URL (e.g. /app/01_hello) from their browsers, each user should get their own shiny app running in a private container.
If a user accesses the same URL from 2 browser sessions, both sessions should direct the user to the same shiny app instance; it should not spawn 2 containers.
The message “Not authorized to access this proxy” should only appear if a user tries to access another user’s instance.
How did you perform these tests? Using different browsers, different tabs in the same browser, or incognito tabs?
OK, I’ve tried using both different browsers (on different computers) and using incognito sessions. Both cases requires logging in twice with the same user, and when the second “copy” of the user tries to access the /app/01_hello I see the “Not authorized …” error message.
In the same browser session (where I only need to log in once), however, everything is fine when opening. The user gets two instances of the app on the same container.
Hi @fmichielssen
This is the steps to reproduce the bug:
1. open two different sessions in two browser windows one normal, one incognito
2. browse to the shiny-proxy demo app on both session and login the same user, for example jack
3. run the hello-world app in one session
4. run the same hellop-world app in the other session
5. you will get the "Not authorized to access this proxy" error
So does indeed seem to be a bug.
I have submitted a bug report on github.
Hi @akenny
Are you sure about the reproduction steps? Different users caused this error?
I have explained the steps which reproduces the error for me here, but when logging in with different users in different sessions, I did not see any error.
Hi @tverbeke
Thank you for the quick release fixing this issue.
I have checked and my quick tests show this to be behaving as expected now.
One other issue that I have noticed:
When the same user logs in from two separate sessions (let’s call them jack/session1 and jack/session2, and in one session you run the “Hello Application” app, there is a container started for jack/session1 which can be confirmed from the logs that is printed by shinyproxy. Then when jack/session2 runs the same “Hello Application” app, there is no indication of a new container being started. I suppose this means they are sharing the same container for both user/sessions.
I have noticed if I run the same app from the two user/sessions at very quickly at around the same time, only one will run and the other sometimes stays blank or gives a 404 error.
This is a screenshot of two user/sessions run at around the same time.
Going from the admin pages for the app, same container ID is shown for both user/sessions.
When logging in with different users, the behavior is as expected and two separate containers have been spun:
Is this by design? Maybe to make better use of resources?
One of the problems when I work with Shiny Server was that it is single threaded and therefore from separate sessions when running an app which takes few seconds to run, user1/session2 would need to wait until user1/session1 finished running the time consuming event. I expect similar thing will happen with ShinyProxy if that is the behavior as explained above. Is that a fair assumption?
It is indeed by design that a single user gets a single container per app.
The only exception is authentication: none, where each session is considered a different ‘user’.
The 404 on quick access from 2 sessions appears to be a timing issue, we’ll look into this.
Hi @tverbeke-
We are running 2.0.5 ShinyProxy and we still have 404 error when a new pod is launched.The we hit F5 to refresh the page and the app is starting. Once the pod is live that issue never happen again.
Since we use kubernetes with auto-scaling enabled, every time there is a need to launch a new pod the user will see 404 page - if he tried to refresh it will work fine but most of them give up here and since the app is broken.
