Hi there,
I've been struggling to get RStudio Server Pro proxied authentication working. I have the /etc/rstudio/rserver.conf setup to proxy authentication, e.g.:
auth-proxy=1
auth-proxy-sign-in-url=https://localhost:8443/auth/login
That's an ExpressJS app I'm using to authenticate with AWS Cognito, but it seems RStudio is ignoring the X-RStudio-Username header I'm returning (or I don't understand what I'm doing).
I tried a simple test just with curl on the same host as RStudio, like so:
ubuntu@ip-172-31-78-107:/etc/rstudio$ curl -X GET -k -H 'X-RStudio-Username: testput' -i 'https://localhost/'
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 15 Aug 2020 00:26:28 GMT
Content-Type: text/html
Content-Length: 56
Connection: keep-alive
Set-Cookie: user-id=; expires=Thu, 13 Aug 2020 23:59:59 GMT; path=/; HttpOnly; secure
Set-Cookie: persist-auth=; expires=Thu, 13 Aug 2020 23:59:59 GMT; path=/; HttpOnly; secure
Location: https://localhost/auth-sign-in?appUri=%2F
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
https://localhost/auth-sign-in?appUri=%2F
Note that the redirect is to the vanilla RStudio login page: https://localhost/auth-sign-in, not my custom auth proxy (which ends in /auth/login)
Note, too that RStudio logs show it receiving the header (user "testput"):
ubuntu@ip-172-31-78-107:~$ tail /var/log/rstudio-server/rserver-http-access.log
127.0.0.1 - - [14/Aug/2020:23:16:15 +0000] "GET / HTTP/1.1" 302 56 "-" "curl/7.58.0" "testput"
127.0.0.1 - - [14/Aug/2020:23:16:50 +0000] "GET / HTTP/1.1" 302 56 "-" "curl/7.58.0" "testput"
At this point I've tried several things over three days, and RStudio support doesn't know what to do either.
Regards, --Jim Abraham