Jupyter and VSCode, which are often used in OOD, have authentication functions within their applications. OOD provides these applications to users with one-time passwords.
My question is how to securely provide users with a web application that does not have such authentication functions. For example, you can launch Remote Desktop inside a compute node and access any applications running on another node without authentication (assuming you know the host name and port number).
Does OOD provide a way to use such applications securely?
For example, is it possible to add BASIC authentication when starting an application?
OOD does not provide an authentication mechanism for the apps currently as you describe.
Codeserver and Jupyter come with their own HTTP servers and auth mechanisms, so we provide a workaround like you said with those to still get in. It should be noted though that even when they do provide BASIC auth, this is still not secure as it is an insecure mechanism to share credentials.