I want to privately share a Shiny App among my project team members without anyone else being able to access the App and the data within it. I was thinking of deploying it at shinyapps.io using a password prompt built in the App. Is this secure enough? What is the most secure way to do this?
Related
I am trying to run the Rstudio Server on a virtual Instance running Ubuntu on Google Cloud. Given that by default, a user on google cloud does not have a sudo password on Google Cloud, connecting to the server with username/password is not directly available.
Several tutorials (see tuto 1, tuto2 and tuto 3) suggest creating a new user, which will come with username/password, hence allowing to use standard username/password with Rstudio Server. This solution raises however several issues, like access/write permission, different R package folder, difficulties to connect to new user, etc.
Is there a way to connect to the Rstudio server without creating a new user? I guess a possible way would be to add a password to the default user in Google Cloud, although this seems also difficult per se (old thread on this)?
Thanks!
I built an ERP for a small company using Django 1.11. They are expanding now and have other companies joining them and now also use the system I built.
The problem now is that some of the companies do not want their employees to be able to work from outside of the company's premises; remotely. Is there a way to achieve this on the Django application? Is there a way to tweak the Django's allowed_host setting for this purpose? Should I be checking for the location of the user connecting to the app? If so, how do I prevent the app from being fooled by those using a VPN service?
I am developing an application, which is using a mySQL database for login information's. For connecting to the database, I need the mySQL login data. I think, its a bad idea to distribute the mySQL login data with the app, so my question is, what is the common approach for that. I don't like to have a server running, which acts as a login server or whatever. So, how can you secure that login data in the application. Is it even possible, somehow? The user should not be able to read that login data out.
I read Hiding MySQL Credentials in Application, but they suggest a server running, which I would like to avoid...
Thanks in advance
Could you read the credentials from an external file local to the server? That way, you can distribute your application and include instructions to enter the correct credentials in a configuration file before running the application.
I have a SharePoint server running on my network and I am trying to build an app in Delphi which allows me to access the various SharePoint Web Services hosted there.
Running my app on the same network as the SharePoint server works fine, however, when I attempt to run it on a VM which is not part of the same Domain I can't get authenticated. I was looking for some advice as to how I should be handling authentication for this type of scenario, more specifically, should I be prompting the user for their credentials or is there some built in security model I can use for this?
Ideally I would like to try avoid dealing with Usernames & Passwords in my app and let the OS handle that sort of thing, however, at the moment I can't seem to see any other way around this.
After some investigation, for my particular scenario I decided that the best approach would be to use WinINet. I chose this approach over Indy because after some thorough investigation I found Indy did have some bugs & also it didn't have all the authentication handling we needed built in.
WinINet supports prompting for credentials & automatically authenticating across the wire. See Handling Authentication.
Hi All I am working on a single sign on system which a load of other web applications will use as its membership provider. I currently have the system up and running in ASP.NET MVC and everything works well, users can log into an application once and have access to all the other apps through that login cookie.
The problem is that users dont all have access to the same apps, this is currently handled at login and if they dont have access to the app they are denied. However with the cookie being set automatically by asp membership, if they do login to an application they have access to they are then given access to all the other apps via the cookie, including the ones they dont have access to.
Any ideas on how to fix this? Ideally I want the cookie to remain as part of the process as I like the idea of a user logging in just once to access all the apps they have. Ideally the applications will maintain the login details but check a webservice if those details have access to that app? I wont have access to the individual applications (they all use standard out the box asp membership, only the web config is altered to point to my system) and all this must be managed by the Signle Sign On area.
Many thanks in advance to those who contribute!
How about setting the names differently for each of the apps that use the membership system?