attack-navigator icon indicating copy to clipboard operation
attack-navigator copied to clipboard

Published 20 hours ago verified publisher icon mitre-attack

Offline Navigator Authentication

Open leftytwoeyes opened this issue 4 years ago • 2 comments
trafficstars

Request to implement AADFS Authentication for on-prem hosted Navigator. Failed to implement following the below tutorial

https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-angular

leftytwoeyes avatar May 25 '21 16:05 leftytwoeyes

The Navigator is a clientside only application, so authentication is definitely possible without actual code changes to the application. If you use the compile for use elsewhere instructions you will essentially end up with a series of static files (HTML, CSS and Javascript) to serve to the client. You can then host these using your webserver of choice, and use built in authentication/authorization features to restrict access to those files. For example, here's instructions for how to do so in apache.

Built-in authentication and authorization is a feature we may eventually add so I will keep this issue open, but it's definitely possible to get this working with the current codebase.

isaisabel avatar May 25 '21 17:05 isaisabel