I have set up SonarQube 7.5 on a Windows 2016 Server.
I’m using IIS as a reverse-proxy with URLRewrite module to access SonarQube with https (SSL).
I have configured the LDAP integration with Active Directory.
It works because if i enter my AD userrname and password, i can log into SonarQube.
But i’d like to achieve SSO, so that i wouldn’t have to login again in SonarQube (my current login should be used automatically and i shouldn’t have to log in again).
If i go with my own reverse-proxy solution, i need it to be able to send the X-Forwarded-Groups header if i want some users to be in an administrators group instead of all users being in the default group : #Name of the header to get the list of user groups, separated by comma (optional).
If the sonar.sso.groupsHeader is set, the user will belong to those groups if groups exist in SonarQube.
If none of the provided groups exists in SonarQube, the user will only belong to the default group.
Users will always be assigned to the default group.
If you want them to also be assigned to other groups, you need indeed to use sonar.sso.groupsHeader.