I'm setting up a prototype cBioPortal environment, and I'd like to implement a very basic username and password access restriction in front of it. I don't need users to be able to sign up, just to block access to all but a specific list of usernames and passwords.
Has anyone tried to do this before? If so, what's the recommended approach? I've thought about just having an Apache server in front of the cBioPortal instance and proxying to it, and using Apache basic authentication, but if I'm using the docker-compose setup this might get a bit fiddly.
I've read through the authentication and authorisation section of the documentation here:
but these approaches (Keycloak, SAML) seem quite heavyweight and require configuration of other services. I'd like to avoid doing this if I possibly can for this initial setup.