ShinyProxy without LDAP

ShinyProxy
#1

Setup worked out the box, but I could only test it with Tesla/password, because we have no LDAP server, and setting up one seems a rather nasty job. Is there some way for a simplified login, e.g. with a database or even a simple table?

My typical application: In medical research, figures and images are often interpreted visually by experts. To evaluate images, these are presented randomly to well-known people in the world who rate features.

– We must be sure that only persons in a database with given password do the rating
– Shiny must know which person is logged in to save the rater id in the database.

We have used shinyapps with authentication for the, but for long running studies, it is too expensive.

#2

Hi @dmenne,

Nice to hear from you and good that things worked out of the box. Currently there is either LDAP authentication ( authentication: ldap) or no authentication (authentication: none) which will not be useful in your case. If you put nginx in front (e.g. as described here ), you could use a password file at nginx level (HTTP basic auth) with the current version of ShinyProxy, but that will not yet pass the information on to the application to write it to the database. In other words: we should add other authentication methods to cover your scenario (so I added it to our planning ;-).

Best,
Tobias

#3

Hi @dmenne and @tverbeke,

I think this question is tightly related to my question, see: Pass custom arguments to the Shiny app

Our initial thought was to pass the user name and additional parameters as a URL query string, and check it against a DB from within the Shiny app before displaying the actual widgets. However, this solution did not work as described in my response to @tverbeke’s suggestion.

Regards,
Denes

#4

@dmenne and @tdenes:

In release 0.7.5 there is a new authentication mechanism authentication: simple which allows to define users (and groups) inside the application.yml configuration file. Usage of this mechanism has been documented on the configuration section of the ShinyProxy site.

Hope this is useful!

Best,
Tobias

#5

Wow… I thought this was a plan for the next year. Thanks, will test

Dieter

#6

Thanks for implementing this so quickly. Am I right that it has the same problem as the LDAP version, i.e. that the ID of the logged in user is not available to Shiny?

Dieter

#7

Hi Dieter,

In fact username is available to shiny via the environment variable SHINYPROXY_USERNAME (as noted in www.shinyproxy.io/configuration). This works both for LDAP and simple authentication.

Maxim

#8

Thanks, that’s fine! Sorry, I had missed that in the LDAP docs.

#9

Hi Maxim,
is there a way to get the shinyproxy group for simple authentication, or the LDAP string in the shiny app? I couldn’t find it in the system environments and I thought that it could be useful for for example allowing access to data on the basis of belonging to some group. Something like SHINYPROXY_GROUP?
Thanks
Jan

#10

Hi Jan,

This is currently not available, but it is a good suggestion and might be added in the future, thanks!

Maxim

#11

Hi,

I think you can just request this information directly from your LDAP server.

In you shinyproxy environment variable, you do have access to SHINYPROXY_USERNAME by a call userId <-
Sys.getenv(“SHINYPROXY_USERNAME”)

I’m using the following code to retrieve the LDAP groups. Depend on the structure of you LDAP directories, the code might be slightly different. You need to figure out what is the key word in your LDAP for user id when you request groups. In my case, it’s ‘memberUid’. Note that a user could be in different groups.

ldapUrl <-
  paste0("ldap://your.org/ou=group,dc=your,dc=org?cn?sub?memberUid=",
         userId)
ldapResult <- RCurl::getURL(ldapUrl)

groups.v <- unlist(stringr::str_split(ldapResult, "\n\n\n"))
m <- regexpr("cn: .+?$", groups.v, perl = TRUE)
gsub("cn: ", "", regmatches(groups.v, m))
#12

@Jan_Kucera, @Keqiang_Li

The groups the authenticated user is member of are made available to the Shiny application via the environment variable SHINYPROXY_USERGROUPS since version 1.0.0.

See

https://www.shinyproxy.io/downloads/

for this and other new features.

Best,
Tobias