LDAP configuration

SonarQube Server / Community Build
,
1

We had used our credentials in order to login to the application, now we would like to have SSO via LDAP, I have addded following lines to the properties.conf

# LDAP CONFIGURATION
sonar.security.realm=LDAP
ldap.url=ldaps://ldappw.ua.com:636
ldap.bindDn=
ldap.bindPassword=

ldap.user.baseDn=dc=companyName,dc=DOMAIN
ldap.user.request=(&(sAMAccountName={0}))
ldap.user.realNameAttribute=name
ldap.user.emailAttribute=mail

ldap.group.request=(objectClass=group)
ldap.group.idAttribute=cn

but we are getting errors in the log

022.07.22 09:23:46 ERROR webBackground initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: null
	at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
	at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
	at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
	at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
	at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
	at org.picocontainer.behaviors.Stored.start(Stored.java:110)
	at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
	at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
	at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
	at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
	at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:583)
	at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
	at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
	at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
	at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
	at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
	at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.NullPointerException: null
	at org.sonar.auth.ldap.LdapGroupMapping.(LdapGroupMapping.java:51)
	at org.sonar.auth.ldap.LdapSettingsManager.getGroupMappings(LdapSettingsManager.java:119)
	at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:58)
	at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
	... 18 common frames omitted
2022.07.22 09:23:46 INFO  webHard stopping process
2

Hi,

What version of SonarQube are you using?

 
Ann

3

version 9.2.3

4

Hi,

Please turn your server logging up - I believe TRACE is needed - to see if you get extra details on the failure. Note that you’ll want to turn them back down to INFO again right away - the logs get big, fast at TRACE level.

 
Ann

5

how to check the Trace?

6

Hi,

You can configure the log level in $SONARQUBE-HOME/conf/sonar.properties. Then check the same server logs where you found the error you shared above.

 
Ann

7

2022.07.25 08:39:44 ERROR web[o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: null
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
at org.picocontainer.behaviors.Stored.start(Stored.java:110)
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:583)
at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.NullPointerException: null
at org.sonar.auth.ldap.LdapGroupMapping.(LdapGroupMapping.java:51)
at org.sonar.auth.ldap.LdapSettingsManager.getGroupMappings(LdapSettingsManager.java:119)
at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:58)
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
… 18 common frames omitted
2022.07.25 08:39:44 INFO web[o.s.s.app.WebServer] WebServer stopped

8

Hi,

I didn’t get anything extra from the updated logs. In the end, this is about your LDAP configuration. The best thing to do is use a 3rd-party LDAP tool to perfect your connection settings, and then port them over to SonarQube.

 
HTH,
Ann

9

Can you please send me the instructions for LDAP conf? Do we have to import the cert using keytool command?

10

@ganncamp seems I have to change this ldap.user.baseDn=dc=companyName,dc=DOMAIN
but where can I find this info?

11

Hi,

You should talk to your LDAP admins, or other folks at your company who have integrated with LDAP.

 
HTH,
Ann

12

I have made some changes to the sonar.properties file @ganncamp but when I go to sonarqubedev.ua.com:111111/sessions/login, it redirects me to sonarqubedev.ua.com:111111/sessions/new, any ideas why?

13

this is what I get
2022.07.25 10:54:36 INFO web[o.s.s.u.SystemPasscodeImpl] System authentication by passcode is disabled

14

Hi,

Sorry, I’ve gone as far as I’m able & given you^ the best advice I can.

 
Ann

15

@ganncamp
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A71, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839 ]
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1875)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1798)
at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1815)
at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at org.sonar.auth.ldap.LdapSearch.find(LdapSearch.java:130)
at org.sonar.auth.ldap.LdapSearch.findUnique(LdapSearch.java:143)
at org.sonar.auth.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:80)
… 157 common frames omitted