SonarQube Plugins
  1. SonarQube Plugins
  2. SONARPLUGINS-2793

Authenticate against multiple LDAP/Active Directory Servers

    Details

    • Type: New Feature New Feature
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: LDAP-1.2.1
    • Fix Version/s: LDAP-1.3
    • Component/s: LDAP
    • Labels:
      None
    • Number of attachments :
      0

      Description

      Enable users from different domains to log in to sonar with their domain account.
      So we need to configure multiple LDAP server to authenticate the user with.

      Configuration example:

      ldap.servers=dept1,dept2
      
      ldap.dept1.url=ldap://dept1:1389
      ldap.dept1.user.baseDn=dc=dept1,dc=com
      
      ldap.dept2.url=ldap://dept2:1389
      ldap.dept2.user.baseDn=dc=dept2,dc=com
      

        Issue Links

          Activity

          Hide
          Julien HENRY added a comment -

          The current implementation consists at trying each LDAP server in declaration order until a matching user is found. For group mapping this is the same: the first LDAP server containing the user will be queried for its groups. There is no aggregation of groups from several LDAP.

          Show
          Julien HENRY added a comment - The current implementation consists at trying each LDAP server in declaration order until a matching user is found. For group mapping this is the same: the first LDAP server containing the user will be queried for its groups. There is no aggregation of groups from several LDAP.
          Hide
          Freddy Mallet added a comment - - edited

          Works well Julien, could you just cover the following use cases :

          • Interrupt the Sonar server startup when the property ldap.url is not defined and when the auto-discovery mechanism doesn't manage to find any LDAP server. Error message : "The property 'ldap.url' property is empty and SonarQube is not able to auto-discover any LDAP server."
          • Log the following INFO message when the property 'ldap.user.baseDn' is not defined: "User names and emails will not be synchronized because property 'ldap.user.baseDn' is empty"
          • Interrupt the Sonar server startup when mixing the definition of one and multiple LDAP servers. Error message : "When defining multiple LDAP servers with the property 'ldap.servers', all LDAP properties must be linked to one of those servers and this is not the case of the following properties : 'ldap.url', ... "
          • Log the following info message when starting SonarQube : "Configuring SonarQube server to use LDAP server(s): http://mlkjqdsf, http://mlkqdsf, ..."
          Show
          Freddy Mallet added a comment - - edited Works well Julien, could you just cover the following use cases : Interrupt the Sonar server startup when the property ldap.url is not defined and when the auto-discovery mechanism doesn't manage to find any LDAP server. Error message : "The property 'ldap.url' property is empty and SonarQube is not able to auto-discover any LDAP server." Log the following INFO message when the property 'ldap.user.baseDn' is not defined: "User names and emails will not be synchronized because property 'ldap.user.baseDn' is empty" Interrupt the Sonar server startup when mixing the definition of one and multiple LDAP servers. Error message : "When defining multiple LDAP servers with the property 'ldap.servers', all LDAP properties must be linked to one of those servers and this is not the case of the following properties : 'ldap.url', ... " Log the following info message when starting SonarQube : "Configuring SonarQube server to use LDAP server(s): http://mlkjqdsf , http://mlkqdsf , ..."
          Hide
          Julien HENRY added a comment -

          Done except for last point where I choose to display URL at the same time as the test connection log.

          Show
          Julien HENRY added a comment - Done except for last point where I choose to display URL at the same time as the test connection log.
          Hide
          Freddy Mallet added a comment -

          Manually tested !

          Show
          Freddy Mallet added a comment - Manually tested !
          Hide
          Julien HENRY added a comment -

          IT added

          Show
          Julien HENRY added a comment - IT added

            People

            • Assignee:
              Julien HENRY
              Reporter:
              Robby Decosemaeker
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: