klepak/nova-ad-auth

There is no license information available for the latest version (v1.0) of this package.

Laravel Nova AD Authentication with SSO in IIS

Maintainers

Details

github.com/klepak/nova-ad-auth

Source

Issues

Installs: 4

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 0

Open Issues: 0

Type:project

v1.0 2019-03-30 19:50 UTC

Requires

Unknown License c049ce07c2b75b59e72bf36224ce07208199b636

  • Knut Leborg <knut.woop@lepa.no>

This package is auto-updated.

Last update: 2024-04-24 20:47:03 UTC

README

composer require nova-ad-auth

Add package provider after Nova provider in app.php

    'providers' => [
    
        ...

        App\Providers\NovaServiceProvider::class,
        Klepak\NovaAdAuth\AdAuthenticationServiceProvider::class,
    ];

Add to EventServiceProvider

    use Adldap\Laravel\Events\AuthenticatedWithWindows;
    use Klepak\NovaAdAuth\Listeners\SynchronizeUserPermissions;
    use Klepak\NovaAdAuth\Listeners\SynchronizeUserThumbnail;

    ...

    protected $listen = [
        
        ...

        AuthenticatedWithWindows::class => [
            SynchronizeUserPermissions::class,
            SynchronizeUserThumbnail::class,
        ],
    ];

Add route middleware in Kernel.php

protected $routeMiddleware = [
    
    ...

    'auth.sso' => \Adldap\Laravel\Middleware\WindowsAuthenticate::class,
    'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
    'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,
];

Publish assets

php artisan vendor:publish --provider="Klepak\NovaAdAuth\AdAuthenticationServiceProvider" --force

NOTE: this will replace your existing auth and adldap config

Configure SSO

  • Create a directory in your public folder called sso
  • Copy your index.php to this directory, and add an additional ../ to all paths
  • Create file called web.config in this directory, with following contents:
    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <security>
                <authentication>
                    <windowsAuthentication enabled="true" />
                    <anonymousAuthentication enabled="false" />
                </authentication>
            </security>
            <rewrite>
                <rules>
                    <clear />
                    <rule name="Rewrite" enabled="true" stopProcessing="true">
                        <match url="^(?!storage)" ignoreCase="false" />
                        <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                            <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
                        </conditions>
                        <action type="Rewrite" url="index.php" appendQueryString="true" />
                    </rule>
                </rules>
            </rewrite>
        </system.webServer>
    </configuration>