Container Sharing : Users Seeing Other Sessions Informations

[adanba]

Hello,

I'm using ShinyProxy 3.1.1 (backend with Docker) with the multi-users per container feature enabled (seats-per-container = 5) and minimum available seats (minimum-seats-available = 3). Authentication is managed through Keycloak.

I've encountered a strange issue with this setup: sometimes, users end up seeing other users' sessions, including their user ID on the screen, credentials (HTTP_X_SP_USERID, HTTP_X_SP_USERGROUPS).

Example:
User A connects and is assigned Seat 1, seeing their correct username.
User B connects but is assigned an unexpected seat and sees User A's username instead of their own.
Do you have any insights into what might be causing this behavior? Any guidance would be appreciated.

Thanks!

[LEDfan]

Hi, thanks for opening this issue!

I'm not yet able to reproduce it yet, but of course we want to fix this. Could you provide the following information:

• are you using the redis backend?
• how often does this happen, e.g. is it once a week, or does it happen very often? (this is just useful to know for reproducing, we will fix it in any case)
• we have a sanity check in the code, that checks whether shinyproxy is proxying to the correct proxy, I extended this check to also check the headers. Could you try image openanalytics/shinyproxy-snapshot:3.1.1-20250221.091902 and check whether you see the following warning:

Invalid proxy state, userId user1, does not match user1 in header

[LEDfan]

Hi @adanba did you already have some time to look into the above questions?
A user with a similar report (#539) was running multiple instances of the shinyproxy operator, which caused this issue. Could you check whether you have a similar issue with your deployment? For example, are you running multiple ShinyProxy issues without properly enabling Redis?

[LEDfan]

Hi @adanba any news on this? We really want to fix this issue before the next release, but we'd need more information.