SonarQube Plugins
  1. SonarQube Plugins
  2. SONARPLUGINS-2793

Authenticate against multiple LDAP/Active Directory Servers

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: LDAP-1.2.1
    • Fix Version/s: LDAP-1.3
    • Component/s: LDAP
    • Labels:
      None

      Description

      Enable users from different domains to log in to sonar with their domain account.
      So we need to configure multiple LDAP server to authenticate the user with.

      Configuration example:

      ldap.servers=dept1,dept2
      
      ldap.dept1.url=ldap://dept1:1389
      ldap.dept1.user.baseDn=dc=dept1,dc=com
      
      ldap.dept2.url=ldap://dept2:1389
      ldap.dept2.user.baseDn=dc=dept2,dc=com
      

        Issue Links

          Activity

          Hide
          OLD - Julien HENRY added a comment -

          The current implementation consists at trying each LDAP server in declaration order until a matching user is found. For group mapping this is the same: the first LDAP server containing the user will be queried for its groups. There is no aggregation of groups from several LDAP.

          Show
          OLD - Julien HENRY added a comment - The current implementation consists at trying each LDAP server in declaration order until a matching user is found. For group mapping this is the same: the first LDAP server containing the user will be queried for its groups. There is no aggregation of groups from several LDAP.
          Hide
          Freddy Mallet added a comment - - edited

          Works well Julien, could you just cover the following use cases :

          • Interrupt the Sonar server startup when the property ldap.url is not defined and when the auto-discovery mechanism doesn't manage to find any LDAP server. Error message : "The property 'ldap.url' property is empty and SonarQube is not able to auto-discover any LDAP server."
          • Log the following INFO message when the property 'ldap.user.baseDn' is not defined: "User names and emails will not be synchronized because property 'ldap.user.baseDn' is empty"
          • Interrupt the Sonar server startup when mixing the definition of one and multiple LDAP servers. Error message : "When defining multiple LDAP servers with the property 'ldap.servers', all LDAP properties must be linked to one of those servers and this is not the case of the following properties : 'ldap.url', ... "
          • Log the following info message when starting SonarQube : "Configuring SonarQube server to use LDAP server(s): http://mlkjqdsf, http://mlkqdsf, ..."
          Show
          Freddy Mallet added a comment - - edited Works well Julien, could you just cover the following use cases : Interrupt the Sonar server startup when the property ldap.url is not defined and when the auto-discovery mechanism doesn't manage to find any LDAP server. Error message : "The property 'ldap.url' property is empty and SonarQube is not able to auto-discover any LDAP server." Log the following INFO message when the property 'ldap.user.baseDn' is not defined: "User names and emails will not be synchronized because property 'ldap.user.baseDn' is empty" Interrupt the Sonar server startup when mixing the definition of one and multiple LDAP servers. Error message : "When defining multiple LDAP servers with the property 'ldap.servers', all LDAP properties must be linked to one of those servers and this is not the case of the following properties : 'ldap.url', ... " Log the following info message when starting SonarQube : "Configuring SonarQube server to use LDAP server(s): http://mlkjqdsf , http://mlkqdsf , ..."
          Hide
          OLD - Julien HENRY added a comment -

          Done except for last point where I choose to display URL at the same time as the test connection log.

          Show
          OLD - Julien HENRY added a comment - Done except for last point where I choose to display URL at the same time as the test connection log.
          Hide
          Freddy Mallet added a comment -

          Manually tested !

          Show
          Freddy Mallet added a comment - Manually tested !
          Hide
          OLD - Julien HENRY added a comment -

          IT added

          Show
          OLD - Julien HENRY added a comment - IT added

            People

            • Assignee:
              OLD - Julien HENRY
              Reporter:
              Robby Decosemaeker
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: