Uploaded image for project: 'SonarLint For IntelliJ'
  1. SonarLint For IntelliJ
  2. SLI-216

Being authenticated should be mandatory to use the SonarLint Connected Mode

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0
    • Component/s: Connected Mode
    • Labels:

      Description

      It's currently possible to use the SonarLint connected mode without being authenticated if the SonarQube server is configured to allow anonymous access.

      But as soon as we'll make this "Connected Mode" supporting more and more features, allowing both anonymous and authenticated access might lead to some error-prone and unexpected behaviors.

      The first known unexpected side effect is the following one :

      • Configure a SonarQube server to allow anonymous access
      • Install a COBOL plugin and set a valid COBOL license
      • Connect SonarLint to this SonarQube server and bind an Eclipse project to a SonarQube COBOL project
      • Open a COBOL source file and the following error occurs :
        Error during analysis
        org.sonar.api.utils.SonarException: No license for cobol
              at com.sonarsource.cobol.XYZ.A.B.B.A(Unknown Source)
              at com.sonarsource.cobol.XYZ.A.B.B.A(Unknown Source)
              at com.sonarsource.cobol.XYZ.A.B.H.A(Unknown Source)
              at com.sonarsource.cobol.XYZ.A.B.H.A(Unknown Source)
              at com.sonarsource.cobol.XYZ.A.B.I.A(Unknown Source)
              at com.sonarsource.cobol.XYZ.A.B.I.onSensorsPhase(Unknown Source)
              at org.sonarsource.sonarlint.core.analyzer.sensor.SensorsExecutor.execute(SensorsExecutor.java:58)
              at org.sonarsource.sonarlint.core.analyzer.sensor.PhaseExecutor.execute(PhaseExecutor.java:45)
              at org.sonarsource.sonarlint.core.container.analysis.AnalysisContainer.doAfterStart(AnalysisContainer.java:137)
              at org.sonarsource.sonarlint.core.container.ComponentContainer.startComponents(ComponentContainer.java:125)
              at org.sonarsource.sonarlint.core.container.ComponentContainer.execute(ComponentContainer.java:110)
              at org.sonarsource.sonarlint.core.container.storage.StorageGlobalContainer.analyze(StorageGlobalContainer.java:134)
        
              at org.sonarsource.sonarlint.core.ConnectedSonarLintEngineImpl.analyze(ConnectedSonarLintEngineImpl.java:156)
              at org.sonarsource.sonarlint.core.ConnectedSonarLintEngineImpl.analyze(ConnectedSonarLintEngineImpl.java:145)
              at org.sonarlint.eclipse.core.internal.server.Server.startAnalysis(Server.java:180)
              at org.sonarlint.eclipse.core.internal.jobs.AnalyzeProjectJob$1.run(AnalyzeProjectJob.java:374)
        

      Whereas when you're authenticated, such error doesn't happen.

      It will now be mandatory for a user to provide credentials (user/password or token) when creating or editing a connection to a SonarQube server. Still, a server connection that would have been previously specified without any credentials will continue to work.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                duarte.meneses Duarte Meneses
                Reporter:
                freddy.mallet Freddy Mallet (Inactive)
              • Votes:
                1 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: