问题
I've setup proxied authentication for RStudio Server.
RStudio Server is redirecting to a middleware implemented using Express JS The middleware creates a request to the authentication server and then parses the response from it.
Then the middleware adds the X-RStudio-Username header to the response, which is a re-direction to the RStudio. However, the header is added to the response from the middleware, and then the browser doesn't keep it when it redirects to RStudio Server
Since the browser request doesn't have the required header, RStudio requests the authentication again creating an infinite loop
How should I approach this case?
What would be the best way to add the required header for RStudio Server?
回答1:
The browser won't add this header for you. You need to add it in the layer that proxies traffic through to RStudio Server. If you don't have such a layer already, you will need to add it using e.g. Nginx. This layer could authenticate the request using whatever mechanism your auth provider supports and add the X-RStudio-Username header (which we recommend renaming for security reasons).
Since you're using RStudio Server Pro, our support team would be happy to help you with this:
support@rstudio.com
You'll also be glad to know that we're working on SAML support for an upcoming release of RStudio Server Pro!
来源:https://stackoverflow.com/questions/60197971/rstudio-proxied-authetication