LEDfan
commented
1 year ago Hi @ppiecuch
This is indeed currently not supported by ShinyProxy. The reason is that this is more complex than you may think. For example, a few issues that came up when designing such a feature:
AccessControlServiceshould be extended to allow this ( https://github.com/openanalytics/containerproxy/blob/master/src/main/java/eu/openanalytics/containerproxy/service/AccessControlService.java )UserServiceshould be updated, it contains some special code to properly handle login/logout events for anonymous users: https://github.com/openanalytics/containerproxy/blob/master/src/main/java/eu/openanalytics/containerproxy/service/UserService.java#L207-L250 This will become even more complex when allowing both anonymous and logged in users- What should happen when an anonymous users has some apps running and then they try to sign in. Should ShinyProxy stop these apps or keep them running? The difficult thing here is that when logging in, the session id of the user will change and thus we cannot use the session id for keeping track of anonymous apps (this in order to prevent session fixation attacks).
The above code should give you some hints if you want to start working on this nevertheless.
I agree this is a useful feature, but it requires some refactors in the ShinyProxy and ContainerProxy code so that's why currently we don't plan to work on this. I'll keep this feature open as a feature request.
ppiecuch
I am using Kubernetes backend with corporate ldap authorisation. Would it be possible to have an application in spec that is "public" and does not require any authorisation/authentication? I am using my custom build of shinyproxy/containerproxy and I guess I could also make some modification to the code to have that functionality if someone could point me where I should start :)
Thank you in advance Pawel