LDAP - Sonar.authenticator.downcase=true is not working as expected

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube 9.5
  • what are you trying to achieve
    Trying to restrict case-insensitive login to sonarqube
  • what have you tried so far to achieve this
    “sonar.authenticator.downcase=true” is applied in sonarqube conf file.

But, it is still allowing users to login with case insensitive user id.

Summary

image

As a result multiple users are being created with the same name but different cases
Please let me know how to fix this.

Thanks
vsk

Hey there.

There are probably one of two things going on:

  • You haven’t restarted your SonarQube server (completely, from the command line) since applying the configuration
  • You need to POST api/users/update_login the logins of existing users to be all lowercase in order for them to match the lowercased data, and not create a new user.

Hi Colin,

For sure I did restart my sonarqube using command line after the changes to configuration.
I am not talking about a single user, I want to apply the same rule for all the users.

web API you have suggested, is useful when we want to update a user login only one at a time.

2 things here

  1. I think it is not mentioned anywhere in documentation. If yes, please share the link.
  2. I am not looking to for all users to be lowercase. Whatever is there as in configured LDAP-AD, that should only be allowed to login to SonarQube. And they must not be able to login with any type of casing they wish (UPPER,Lower, Camel etc…)

Thanks

To be clear – what sonar.authenticator.downcase does is not restrict the casing that the user can use, but instead transform whatever input the user has given to be lowercase – and that is the value used as the SonarQube username.

But, it is not doing the expected work.
Even after setting that value to be true, user is able to login with UPPERCASE, lowercase, CamelCasing. I think they can login anyway as long as they spell it ryt. And for each type, a new user is being created on Sonar.

Not sure how to fix it. Please provide your support to fix it.

Thanks

Can someone guide/help me how to fix this issue. Any help is much appreciated.

Thanks

Hi

Please let me know your solution fix this issue.

Thanks

Hey there.

Please do not bump threads.

Summary

I didn’t mean it my friend, I just want to remind the issue as it is kind of urgent for me. I don’t know if we can ping you in personal chat.

Hi,

please let me know if there is any update on this issue.

Thanks

Hey there.

I would first suggest making sure the value is being taken into account. You should be able to find the setting key in http://mysonarqubeinstance.com/api/settings/values and see if the value is true or false

To be clear – this will continue to be the case even when sonar.authenticator.downcase is set to true. What shouldn’t happen is that a new user is created. So – login will work eVeNiFcAsEdLiKeThIs.