If you want to access the SonarQube server with LDAP credentials (i.e. with Active Directory Credentials), we need to integrate the SonarQube with LDAP servers. Now, in this article we will discuss the integration process of LDAP with SonarQube. We need to install an LDAP plugin for integration process. This plugin allows the delegation of SonarQube authentication and authorization to an LDAP server (including LDAP Service of Active Directory). So, please make sure to install LDAP plugin in SonarQube before configuring the setup.
Plugin Installation:
The following are the steps to install the LDAP plugin in SonarQube.
- Configuring the integration setup requires a plugin named ‘sonar-ldap-plugin’.
- We can install the plugin through the Marketplace or simply download and place the plugin in ‘$SONARQUBE_HOME/extensions/plugins’ directory.
Configurations:
- After the installation of plugin, we need to configure LDAP plugin by editing the file called ‘$SONARQUBE_HOME/conf/sonar.properties’. We have 3 configurations In the ‘sonar.properties’ file (i.e. General configuration, User mapping and Group mapping). So, in order to configure the plugin, we must provide the values of the parameters specified below for all configurations in ‘sonar.properties’ file.
# LDAP configuration # General Configuration sonar.security.realm=LDAP ldap.url=ldap://myserver.mycompany.com ldap.bindDn=my_bind_dn ldap.bindPassword=my_bind_password # User Configuration ldap.user.baseDn=ou=Users,dc=mycompany,dc=com ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login})) ldap.user.realNameAttribute=cn ldap.user.emailAttribute=mail # Group Configuration ldap.group.baseDn=ou=Groups,dc=sonarsource,dc=com ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid}))
Please also check the image below as an example to fill in along with parameter values.
2. Once the values of the parameters are provided, restart the SonarQube server and check the log file for:
3. When the test LDAP connection is OK, try logging in with the LDAP credentials into SonarQube.
Conclusion:
Integration of SonarQube with Active Directory (LDAP) allows authentication and authorisation against both the external and the internal authentication systems.