Hi this is more question of code security, rather than a question about a directly coding related problem. But I was wondering is it possible to see the code in ui.R and the server.R and that generates the app web browser page?
e.g. Although I’m sure I could just ask Garrett to see the code…is it possible, without authorisation, to somehow see the code related to this URL http://glimmer.rstudio.com/gsee/TFX/ which is running the a shinny app? As this might be a problem if putting up sensitive data/code etc.
Is there a way to add a secure username and password to shinny apps? so that only selected users can access the app?
I know obviously you can see code that run shinny apps from gists, but was more curious about glimmer apps.
P.S. Garrett (if you see this), im just using your app as a good app example…as it uses glimmer…, and in my opinion its attractive code.
As you talk about shiny applications that run on
glimmer.rstudio.com, you talk about applications that run on shiny server (in contrary to applications run locally via a call torunApp).A such, both
ui.Randserver.Rare located on the server, and they are not downloaded to your computer when you run it. Moreover, they seem to be protected by shiny, as if you try to access them via an URL, such as http://shinyserver.example.com/app/server.R, all you will get is an HTTP 404 error.So, in the same way that it is not possible to access the PHP or Ruby files that power a website or web applications, you can’t, for obvious security reasons, access the R files behind a shiny application.
As for protecting access to a shiny application, I’m not sure it is a builtin feature in shiny server yet, but if you run it behind an Apache or Nginx proxy it should be possible to use HTTP authentication for that.
Note : I’m not a shiny expert at all, so this answer could be partially wrong. I just hope not totally 🙂