SonarQube / SONAR-5430

User authentication by HTTP header



      User authentication can be delegated to third-party systems (proxies/servers) placed in front of the SonarQube server. HTTP requests reach the SonarQube server after being authenticated and include HTTP headers containing user information (the login, plus optional fields such as name or email).

      This mechanism is named "Remote User Token Authentication" in Nexus: http://books.sonatype.com/nexus-book/reference/rutauth.html.

      Here is the list of properties that will be added to sonar.properties to activate this feature:

      # Enable authentication using HTTP headers
      # Name of the header to get the user login.
      # Only alphanumeric, '.' and '@' characters are allowed
      # Name of the header to get the user name
      # Name of the header to get the user email (optional)
      # Name of the header to get the list of user groups, separated by comma (optional).
      # If the sonar.sso.groupsHeader is set, the user will belong to those groups if groups exist in SonarQube. 
      # If none of the provided groups exists in SonarQube, the user won't belong to any group.
      # Note that the default group will NOT be automatically added when using SSO, it should be provided in the groups list, if needed.
      # Interval used to know when to refresh name, email and groups.
      # During this interval, if for instance the name of the user is changed in the header, it will only be updated after X minutes.
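
The rules in the comments above (allowed login characters, group filtering, no implicit default group, refresh interval) can be modelled as follows. This is an added example, not SonarQube's code: the header names, the 5-minute interval, the fallback of name to login, and the in-memory `users` store are assumptions made for illustration.

```python
import re
import time

# Hypothetical header names and interval; the page does not give the real values.
LOGIN_HDR, NAME_HDR, EMAIL_HDR, GROUPS_HDR = (
    "X-Example-Login", "X-Example-Name", "X-Example-Email", "X-Example-Groups")
REFRESH_MINUTES = 5
LOGIN_RE = re.compile(r"[A-Za-z0-9.@]+")  # only alphanumeric, '.' and '@'


def authenticate(headers, users, existing_groups, now=None):
    """Return the user record for a proxied request, or None if the login is invalid."""
    now = time.time() if now is None else now
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    login = h.get(LOGIN_HDR.lower(), "")
    if not LOGIN_RE.fullmatch(login):
        return None  # missing header or disallowed characters: reject
    user = users.get(login)
    if user is not None and now - user["refreshed_at"] < REFRESH_MINUTES * 60:
        return user  # inside the interval: header changes are ignored for now
    # Assumption: a new user without a name header falls back to the login.
    user = user or {"login": login, "name": login, "email": None, "groups": set()}
    user["name"] = h.get(NAME_HDR.lower(), user["name"])
    user["email"] = h.get(EMAIL_HDR.lower(), user["email"])
    if GROUPS_HDR.lower() in h:
        wanted = {g.strip() for g in h[GROUPS_HDR.lower()].split(",") if g.strip()}
        # Unknown groups are dropped; the default group is not added implicitly.
        user["groups"] = wanted & existing_groups
    user["refreshed_at"] = now
    users[login] = user
    return user
```

The model trusts whatever headers arrive, which is only sound when the server is reachable solely through the authenticating proxy and the proxy overwrites these headers on every request.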





              • Assignee:
                julien.lancelot Julien Lancelot
                simon.brandhof Simon Brandhof (Inactive)