Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-3138

Fallback to Sonar database if external security provider failed

    Details

      Description

      We want to use local sonar build-in users database and additionally ldap. At the moment only either or works.
      E.g for the sionar pdf report plugin you need an sonar user account, because the plugin uses api which need authentification. Here we want to use a local sonar account and not need to create ldap account for it.
      Secondly we need a local "backup" user account for an ldap account, in case ldap fails, and without having to change the sonar.authenticator.class

      Maybe the ldap Plugin can support to have several sonar.authenticator.class, e.g
      sonar.authenticator.class: org.sonar.plugins.ldap.LdapAuthenticator, org.sonar.EmbeddedAuthenticator

        Issue Links

          Activity

          Hide
          godin OLD - Evgeny Mandrikov added a comment -

          Integration tests added.

          Show
          godin OLD - Evgeny Mandrikov added a comment - Integration tests added.
          Hide
          freddy.mallet Freddy Mallet added a comment -

          Don't know why but this feature doesn't work with the LDAP plugin.

          Show
          freddy.mallet Freddy Mallet added a comment - Don't know why but this feature doesn't work with the LDAP plugin.
          Hide
          godin OLD - Evgeny Mandrikov added a comment -

          Indeed Freddy, seems that following use-case doesn't work and was not covered by integration tests :

          1. set "sonar.security.savePassword" to "false" (default value)
          2. create local Sonar user, which doesn't exist in external system, e.g. username "foo" with a password "12345"
          3. try to login => fails, whereas we expecting success

          I'm going to fix this and update integration tests.

          Show
          godin OLD - Evgeny Mandrikov added a comment - Indeed Freddy, seems that following use-case doesn't work and was not covered by integration tests : set "sonar.security.savePassword" to "false" (default value) create local Sonar user, which doesn't exist in external system, e.g. username "foo" with a password "12345" try to login => fails, whereas we expecting success I'm going to fix this and update integration tests.
          Hide
          godin OLD - Evgeny Mandrikov added a comment -

          Bug was on plugin side, so I fixed it as part of SONARPLUGINS-1311 in r5110.
          Integration tests updated.

          Show
          godin OLD - Evgeny Mandrikov added a comment - Bug was on plugin side, so I fixed it as part of SONARPLUGINS-1311 in r5110 . Integration tests updated.
          Hide
          freddy.mallet Freddy Mallet added a comment -

          Manually tested

          Show
          freddy.mallet Freddy Mallet added a comment - Manually tested

            People

            • Assignee:
              godin OLD - Evgeny Mandrikov
              Reporter:
              cforce cforce
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: