LDAP configuration

We had used our credentials in order to log in to the application; now we would like to have SSO via LDAP. I have added the following lines to the properties.conf

# LDAP CONFIGURATION
sonar.security.realm=LDAP
ldap.url=ldaps://ldappw.ua.com:636
ldap.bindDn=
ldap.bindPassword=

ldap.user.baseDn=dc=companyName,dc=DOMAIN
ldap.user.request=(&(sAMAccountName={0}))
ldap.user.realNameAttribute=name
ldap.user.emailAttribute=mail

ldap.group.request=(objectClass=group)
ldap.group.idAttribute=cn

but we are getting errors in the log

2022.07.22 09:23:46 ERROR webBackground initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: null
	at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
	at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
	at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
	at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
	at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
	at org.picocontainer.behaviors.Stored.start(Stored.java:110)
	at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
	at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
	at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
	at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
	at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:583)
	at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
	at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
	at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
	at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
	at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
	at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.NullPointerException: null
	at org.sonar.auth.ldap.LdapGroupMapping.<init>(LdapGroupMapping.java:51)
	at org.sonar.auth.ldap.LdapSettingsManager.getGroupMappings(LdapSettingsManager.java:119)
	at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:58)
	at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
	... 18 common frames omitted
2022.07.22 09:23:46 INFO  webHard stopping process

Hi,

What version of SonarQube are you using?

 
Ann

version 9.2.3

Hi,

Please turn your server logging up - I believe TRACE is needed - to see if you get extra details on the failure. Note that you’ll want to turn them back down to INFO again right away - the logs get big, fast at TRACE level.

 
Ann

how to check the Trace?

Hi,

You can configure the log level in $SONARQUBE-HOME/conf/sonar.properties. Then check the same server logs where you found the error you shared above.

 
Ann

2022.07.25 08:39:44 ERROR web[o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: null
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
at org.picocontainer.behaviors.Stored.start(Stored.java:110)
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:583)
at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.NullPointerException: null
at org.sonar.auth.ldap.LdapGroupMapping.<init>(LdapGroupMapping.java:51)
at org.sonar.auth.ldap.LdapSettingsManager.getGroupMappings(LdapSettingsManager.java:119)
at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:58)
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
… 18 common frames omitted
2022.07.25 08:39:44 INFO web[o.s.s.app.WebServer] WebServer stopped

Hi,

I didn’t get anything extra from the updated logs. In the end, this is about your LDAP configuration. The best thing to do is use a 3rd-party LDAP tool to perfect your connection settings, and then port them over to SonarQube.

 
HTH,
Ann

Can you please send me the instructions for LDAP conf? Do we have to import the cert using keytool command?

@ganncamp seems I have to change this ldap.user.baseDn=dc=companyName,dc=DOMAIN
but where can I find this info?

Hi,

You should talk to your LDAP admins, or other folks at your company who have integrated with LDAP.

 
HTH,
Ann

I have made some changes to the sonar.properties file @ganncamp but when I go to sonarqubedev.ua.com:111111/sessions/login, it redirects me to sonarqubedev.ua.com:111111/sessions/new, any ideas why?

this is what I get
2022.07.25 10:54:36 INFO web[o.s.s.u.SystemPasscodeImpl] System authentication by passcode is disabled

Hi,

Sorry, I’ve gone as far as I’m able & given you^ the best advice I can.

 
Ann

@ganncamp
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A71, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839 ]
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1875)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1798)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1815)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at org.sonar.auth.ldap.LdapSearch.find(LdapSearch.java:130)
at org.sonar.auth.ldap.LdapSearch.findUnique(LdapSearch.java:143)
at org.sonar.auth.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:80)
… 157 common frames omitted
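
An added example (not code from this thread or from SonarQube) that lints the LDAP settings posted at the top of the thread before they go into the server. The function names and the checks are assumptions of this example; the empty `ldap.bindDn` check corresponds to the "successful bind must be completed" error above, and the placeholder check flags a group filter that would match the same groups for every user.

```python
import re

# Constructed sample: the LDAP settings as posted at the top of this thread.
POSTED = """\
sonar.security.realm=LDAP
ldap.url=ldaps://ldappw.ua.com:636
ldap.bindDn=
ldap.bindPassword=
ldap.user.baseDn=dc=companyName,dc=DOMAIN
ldap.user.request=(&(sAMAccountName={0}))
ldap.group.request=(objectClass=group)
ldap.group.idAttribute=cn
"""

PLACEHOLDER = re.compile(r"\{\w+\}")  # e.g. {0}, {login}, {dn}

def parse_properties(text):
    """Parse key=value lines, ignoring blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def lint_ldap(props):
    """Return (key, finding) pairs for settings that will fail or over-grant."""
    findings = []
    if not props.get("ldap.url", "").startswith("ldaps://"):
        findings.append(("ldap.url", "not ldaps://, confirm TLS is negotiated another way"))
    if not props.get("ldap.bindDn"):
        findings.append(("ldap.bindDn", "empty, so searches run on an anonymous connection"))
    elif not props.get("ldap.bindPassword"):
        findings.append(("ldap.bindPassword", "empty although ldap.bindDn is set"))
    base = props.get("ldap.user.baseDn", "")
    if not base or "companyName" in base or "DOMAIN" in base:
        findings.append(("ldap.user.baseDn", "missing or still the template value"))
    for key in ("ldap.user.request", "ldap.group.request"):
        if key in props and not PLACEHOLDER.search(props[key]):
            findings.append((key, "no {placeholder}, filter is not tied to the user logging in"))
    return findings

if __name__ == "__main__":
    for key, finding in lint_ldap(parse_properties(POSTED)):
        print(f"{key}: {finding}")
```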