Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Security in an R Shiny Application

Tags:

security

r

shiny

I want to publish an R Shiny web application (http://www.rstudio.com/shiny/) on the web, but I want to password protect it so that only people with credentials can view what I have published. What is the best way to do this ?

like image 320
Nicholas Hamilton Avatar asked Aug 19 '13 13:08

Nicholas Hamilton

1 Answers

This might be a little late but I am going to answer anyways. If you have already got a solution, can you please share it with us?

My primary aim was very simple. I had a working version of shiny app on my laptop. I used to run it as mentioned below, all the while for testing locally.

R -e "shiny::runApp('.')"

Then came the moment when we had to put this on out on an Amazon EC2 instance.

At first my attempt was to directly proxy apache to port 8100 on which my app would listen to. But that didn't work that well as it appears that running the server in this manner actually uses raw sockets where as using a shiny-server falls back to using sock.js hence the communication is now over HTTP instead.

So downloaded the shiny-server app on our EC2 instance by following the instructions here: https://github.com/rstudio/shiny-server

Btw, though the instructions there recommend you install node.js from source if you are using a RHEL instance, it worked pretty well for me by going the yum install way. You have those instructions here.

Following the node.js, shiny-server installation & setup, edited my Apache conf (Ubuntu and RHEL call the conf differently. Hence edit the one you have). Added a virtual host to service my requests. And as you can notice, also masked it with a Apache Basic digest Auth with the Apache Location directive.

<VirtualHost *:80>      ProxyPass / http://localhost:3838/     ProxyPassReverse / http://localhost:3838/     ProxyPreserveHost On      <Location />         AuthType Basic         AuthName "Restricted Access - Authenticate"         AuthUserFile /etc/httpd/htpasswd.users         Require valid-user     </Location>  </VirtualHost>

Apart from this also edited the shiny-server conf to listen to request from 127.0.0.1 only (localhost only). So in my shiny-server I have the following:

listen 3838 127.0.0.1;

Btw, you wouldn't need this if you are in an Amazon EC2 environment as you can use the security-group setting in your EC2 dashboard to do the same. I did this anyway as a good measure.

This, for now, is enough as we were looking for something very quick & simple.

Now desperately waiting for the awesome RShiny folks to provide auth as a part of the enterprise edition deal.

Hope this helps.

like image 92
shingav Avatar answered Oct 08 '22 10:10

shingav
Sign in to Comment

Related questions

Eliminating NAs from a ggplot
Check if R is running in RStudio
Use hist() function in R to get percentages as opposed to raw frequencies
Parent directory in R
Update data frame via function doesn't work
Subset dataframe by multiple logical conditions of rows to remove
Alternative to expand.grid for data.frames
Detect text language in R
Performant 2D OpenGL graphics in R for fast display of raster image using qtpaint (qt) or rdyncall (SDL/OpenGL) packages?
Saving and incrementally updating nearest-neighbor model in R
Difference between Rscript and littler
knitr gets tricked by data.table `:=` assignment
Is there a more elegant way to convert two-digit years to four-digit years with lubridate?
Variable as a column name in data frame
Uninstall (remove) R package with dependencies
How to write a test for a ggplot plot
How is the feature score(/importance) in the XGBoost package calculated?
Python's equivalent for R's dput() function
Specifying multiple simultaneous output formats in knitr
Change temporary directory

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!