How to set up SAML with LDAP request group

Hi community,

I have a question for you.

Actually, I have a configuration in my config file.

|ldap.user.request=(&(objectCategory=Person)(sAMAccountName={login})(|(memberof=CN=DEV-UTILISATEUR-test,OU=Applications,OU=CORPO,OU=Groupes,DC=qc,DC=ca)(memberof=CN=DEV-ADMINISTRATEUR-test,OU=Applications,OU=CORPO,OU=Groupes,DC=qc,DC=ca)))

When I try to log in with LDAP, my user needs to be a member of DEV-UTILISATEUR-test or Administrateur.

So, when I pass through SAML login, this validation in ldap.user.request is not checked … I am automatically logged in.

Do you have any ideas?

Regards,
Sébastien

Hi @Mortagne,

Stupid question, but: is the | in front of |ldap.user.request a copy-paste error, or is it actually what you have in your configuration file? If the latter, can you remove it and restart SonarQube?

If the line is correct, did you try this search using some other tool? For instance, an LDAP CLI? Or perhaps some other service is also using this query for authentication? This could help validate the issue is indeed on SonarQube’s side, and not some configuration problem on LDAP.
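
One way to run the check suggested in the reply above with the OpenLDAP `ldapsearch` CLI (an added example, not part of the original thread and not SonarQube's own code). The filter is the one from the question without the leading `|`; `LDAP_URL`, `BIND_DN`, the base DN default and the helper function names are assumptions to adapt.

```shell
#!/bin/sh
# Added example: test the ldap.user.request filter outside SonarQube.
# Filter copied from the question, without the leading "|".
FILTER_TEMPLATE='(&(objectCategory=Person)(sAMAccountName={login})(|(memberof=CN=DEV-UTILISATEUR-test,OU=Applications,OU=CORPO,OU=Groupes,DC=qc,DC=ca)(memberof=CN=DEV-ADMINISTRATEUR-test,OU=Applications,OU=CORPO,OU=Groupes,DC=qc,DC=ca)))'

# Assumed connection settings (placeholders, not values from the thread).
LDAP_URL=${LDAP_URL:-ldaps://ldap.example.invalid}
BIND_DN=${BIND_DN:-CN=svc-placeholder,DC=qc,DC=ca}
BASE_DN=${BASE_DN:-DC=qc,DC=ca}   # assumption: domain root taken from the group DNs

# Escape filter metacharacters in the login (RFC 4515) so the value
# cannot change the structure of the filter. Backslash goes first.
escape_login() {
  printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                         -e 's/(/\\28/g'  -e 's/)/\\29/g'
}

# Substitute the escaped login for {login}. Values are passed through the
# environment because awk -v would reinterpret the backslashes.
build_filter() {
  TPL=$FILTER_TEMPLATE VAL=$(escape_login "$1") awk 'BEGIN {
    t = ENVIRON["TPL"]; i = index(t, "{login}")
    print substr(t, 1, i - 1) ENVIRON["VAL"] substr(t, i + 7)
  }'
}

# Run the search. An entry in the output means the filter matches this
# login; empty output means no entry matched the filter.
check_login() {
  ldapsearch -x -LLL -H "$LDAP_URL" -D "$BIND_DN" -W -b "$BASE_DN" \
    "$(build_filter "$1")" dn memberOf
}

# Usage: ./check-filter.sh <login>   (prompts for the bind password)
if [ "$#" -gt 0 ]; then
  check_login "$1"
fi
```

Running it once for a user inside one of the two groups and once for a user outside both shows whether the filter itself behaves as expected on the directory side.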