Enabling LDAP prevent Sonar Qube from starting

SonarQube 9.9 LTS Upgrade
1

Make sure to tell us:

  • What version are you upgrading from?
    I upgraded from 9.7.1 to 9.9.1
  • System information (Operating system, Java version, Database provider/version)
    Windows 2016 Data Center, Microsoft OpenJDK 17.0.9 - Postgres 12.5
  • What’s the issue you’re facing?
    Once I upgrade to 9.9.1 I reviewed the configuration files from 9.7.1, But I forget to enable LDAP. I was able to logon with the local admin account. Everything looked good. When I tried to log on with LDAP account I realized I forgot to uncomment sonar.security.realm=LDAP. Once I did that and restart it crash with a hard STOP.
    sonar.LDAP.log (107.4 KB)
2

Hi,

It looks like you shut SonarQube down (abruptly?) and then tried to restart it before all the child processes had shut down.

Port 9001 is, by default, the port Elasticsearch uses. So this logging:

2023.10.27 18:03:26 DEBUG app[][o.a.h.i.n.c.InternalHttpAsyncClient] [exchange: 1] Request connection for {}->http://127.0.0.1:9001
2023.10.27 18:03:26 DEBUG app[][o.a.h.i.n.c.PoolingNHttpClientConnectionManager] Connection request: [route: {}->http://127.0.0.1:9001][total kept alive: 0; route allocated: 0 of 10; total allocated: 0 of 30]
2023.10.27 18:03:26 DEBUG app[][o.a.h.i.n.c.PoolingNHttpClientConnectionManager] Connection request failed
java.net.ConnectException: Connection refused: no further information
	at java.base/sun.nio.ch.Net.pollConnect(Native Method)
	at java.base/sun.nio.ch.Net.pollConnectNow(Net.java:672)
	at java.base/sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:946)
	at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvent(DefaultConnectingIOReactor.java:174)
	at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvents(DefaultConnectingIOReactor.java:148)
	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor.execute(AbstractMultiworkerIOReactor.java:351)
	at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager.execute(PoolingNHttpClientConnectionManager.java:221)
	at org.apache.http.impl.nio.client.CloseableHttpAsyncClientBase$1.run(CloseableHttpAsyncClientBase.java:64)
	at java.base/java.lang.Thread.run(Thread.java:840)
2023.10.27 18:03:26 DEBUG app[][o.a.h.i.n.c.InternalHttpAsyncClient] [exchange: 1] connection request failed
2023.10.27 18:03:26 DEBUG app[][o.e.c.RestClient] request [GET http://127.0.0.1:9001/] failed
java.net.ConnectException: Connection refused: no further information
	at java.base/sun.nio.ch.Net.pollConnect(Native Method)
	at java.base/sun.nio.ch.Net.pollConnectNow(Net.java:672)
	at java.base/sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:946)
	at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvent(DefaultConnectingIOReactor.java:174)
	at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvents(DefaultConnectingIOReactor.java:148)
	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor.execute(AbstractMultiworkerIOReactor.java:351)
	at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager.execute(PoolingNHttpClientConnectionManager.java:221)
	at org.apache.http.impl.nio.client.CloseableHttpAsyncClientBase$1.run(CloseableHttpAsyncClientBase.java:64)
	at java.base/java.lang.Thread.run(Thread.java:840)

Is telling you there’s a problem with Elasticsearch. You can probably find more detail in $SONARQUBE-HOME/logs/es.log.

 
HTH,
Ann

3

So I have enable LDAP and restarted the process. I have attached both sonar.log and es.log.

I also just realized I am running the wrong version.

  • Community Edition
  • Version 9.9.1 (build 69595)

I am going to upgrade to Enterprise 9.9.2 (LTS)

es.log (398.4 KB)
sonar.log (107.4 KB)

4

I have upgraded to LTS 9.9.2 and I am having the same issues. I had to disable the LDAP security realm to get the site online. I can log in with local admin username and password. If they any additional log you would like me to acquire, please let me know.

5

Hi,

What shows up in web.log?

 
Ann

6

Please find the web log attached. I didn’t see any glaring error messages.

web.log (1.7 MB)

7

Looking over the console output I see the following JAVA warning:
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.sonar.process.PluginSecurityManager (file:/C:/SonarQube/ent9.9.2/lib/sonar-application-9.9.2.77730.jar)
WARNING: Please consider reporting this to the maintainers of org.sonar.process.PluginSecurityManager
WARNING: System::setSecurityManager will be removed in a future release

I am wondering if this warning is causing the LDAP plugin to not work.

8

Hi,

That WARNING is a red herring. You can safely ignore it.

It’s a lot easier to read your web.log, when I filter out the TRACE and DEBUG logging. :slight_smile: FYI, DEBUG can be useful when your instance is running and you’re having a problem logging in. I’ve yet to see a situation where TRACE logging was needed.

So with the log whittled down, it’s easy to find the exception, and in the exception message:

The property 'ldap.user.baseDn' property is empty while it is mandatory.

As I said, it’s easiest to get a standalone LDAP client to perfect your connection settings and then configure those setting into SonarQube.

 
HTH,
Ann

9

You are correct. The ldap.user.baseDN was blank.

10

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.