SAML for authentication, LDAP for authorization

mfriedenhagen · March 3, 2022, 8:53pm

Hi,

we are currently running the latest LTS 8 but plan to switch to 9 anyways because of the missing JDK 17 support in 8.

Our internally developed SAML IdP is able to enforce MFA which we want to use. However it does not provide any group information so we may not use it for authorization.
In e.g. GitLab “groups” may be taken from LDAP which there is not used for authentication but only for authorization.
Is something similar possible in SonarQube as well?

Best Regards
Mirko

Colin · March 4, 2022, 8:27am

Hey there.

This is not possible. All user data (including groups) must come from a single source of delegated authentication.

mfriedenhagen · March 4, 2022, 6:55pm

Hi @Colin, thanks for the quick answer. Then we must look into a workaround somehow.

Topic		Replies	Views
Sync SonarQube Groups with AD SonarQube Server / Community Build active_directory , sso	1	26	August 15, 2024
SAML and Current Users SonarQube Server / Community Build security , authentication , saml	5	906	March 24, 2021
How to setup SAML with ldap request group SonarQube Server / Community Build saml	1	434	November 30, 2020
How to use Authentication but no Authorization with LDAP SonarQube Server / Community Build ldap , permissions	1	660	September 5, 2018
LDAP successfully working, LDAPS failing SonarQube Server / Community Build ldap , saml	4	3939	April 27, 2022

SAML for authentication, LDAP for authorization

Related topics