klepak/nova-ad-auth

There is no license information available for the latest version (v1.0) of this package.

Laravel Nova AD Authentication with SSO in IIS

v1.0 2019-03-30 19:50 UTC

This package is auto-updated.

Last update: 2024-12-24 22:11:02 UTC


README

composer require nova-ad-auth

Add package provider after Nova provider in app.php

    'providers' => [
    
        ...

        App\Providers\NovaServiceProvider::class,
        Klepak\NovaAdAuth\AdAuthenticationServiceProvider::class,
    ];

Add to EventServiceProvider

    use Adldap\Laravel\Events\AuthenticatedWithWindows;
    use Klepak\NovaAdAuth\Listeners\SynchronizeUserPermissions;
    use Klepak\NovaAdAuth\Listeners\SynchronizeUserThumbnail;

    ...

    protected $listen = [
        
        ...

        AuthenticatedWithWindows::class => [
            SynchronizeUserPermissions::class,
            SynchronizeUserThumbnail::class,
        ],
    ];

Add route middleware in Kernel.php

protected $routeMiddleware = [
    
    ...

    'auth.sso' => \Adldap\Laravel\Middleware\WindowsAuthenticate::class,
    'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
    'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,
];

Publish assets

php artisan vendor:publish --provider="Klepak\NovaAdAuth\AdAuthenticationServiceProvider" --force

NOTE: this will replace your existing auth and adldap config

Configure SSO

  • Create a directory in your public folder called sso
  • Copy your index.php to this directory, and add an additional ../ to all paths
  • Create file called web.config in this directory, with following contents:
    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <security>
                <authentication>
                    <windowsAuthentication enabled="true" />
                    <anonymousAuthentication enabled="false" />
                </authentication>
            </security>
            <rewrite>
                <rules>
                    <clear />
                    <rule name="Rewrite" enabled="true" stopProcessing="true">
                        <match url="^(?!storage)" ignoreCase="false" />
                        <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                            <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
                        </conditions>
                        <action type="Rewrite" url="index.php" appendQueryString="true" />
                    </rule>
                </rules>
            </rewrite>
        </system.webServer>
    </configuration>