With Shiny Server Pro, you can restrict access to applications by organizing them into location
s, then using the required_user
or required_group
directive to specify who should be able to see the apps in each location
. For example:
/etc/shiny-server/shiny-server.conf
run_as shiny;
auth_passwd_file /etc/shiny-server/passwd;
log_dir /var/log/shiny-server;
# Define a server that listens on port 3838
server {
listen 3838;
# Define a location at the URL "/example1"
location /example1 {
site_dir /srv/shiny-server/example1;
required_user bob jane maria;
}
# Define a location at the URL "/example2"
location /example2 {
site_dir /srv/shiny-server/example2;
}
# Define a location at the URL "/example3"
location /example3 {
site_dir /srv/shiny-server/example3;
required_user andy beatrice;
}
}
# Provide the admin interface on port 4151.
admin 4151 {
required_user admin;
}
This configuration uses flat-file authentication and three locations.
- Location
/example1
is restricted to the users bob, jane, and maria. All applications deployed as subdirectories under/srv/shiny-server/example1
will only be accessible to those three users. - Location
/example2
is not restricted. All applications deployed as subdirectories under/srv/shiny-server/example2
are open to all users; these applications will not require a login. - Location
/example3
is restricted to andy and beatrice. All applications deployed as subdirectories under/srv/shiny-server/example3
will only be accessible to those two users.
This pattern holds true for any type of authentication, not just flat-file auth. If you are using PAM, LDAP, or AD authentication, you could choose to use the required_group
directive to restrict a location to members of a particular group, instead of listing out each user in the required_user
directive. For instance, this configuration would restrict the example4 location to the users in a group called shiny_group:
# Define a location at the URL "/example4"
location /example4 {
site_dir /srv/shiny-server/example4;
required_group shiny_group;
}
Comments