SAML SSO implementation for SonarQube


(Yatheesh) #1

Hello team,

I'm from the LogMeIn team; we are using SonarQube Version 6.7.4 (build 38452) - LGPL v3 - Community.

We are looking for a SAML single sign-on feature in SonarQube to provide our users a seamless login. Can you please suggest how we can have SAML SSO integration for the above-said version? I have gone through the documentation - https://docs.sonarqube.org/display/PLUG/SAML+Authentication+Plugin
I found some limitations in the plugin which are updated in the documentation. We would like to hear from you the complete working SAML SSO solution with the request properly encrypted for SonarQube using Azure AD as IdP. And on top of this we wanted to integrate multi-factor authentication.
Please suggest the best way to achieve this with the 6.7.4 version.


(Julien Lancelot) #2

Hi Yatheesh,

Could you please elaborate more on :

Thanks.
Regards,
Julien Lancelot


(Yatheesh) #3

Hi Julien,

I can see the below limitations in the plugin:

Limitations

  • SAML requests are not signed. Client signature validation should be disabled in the Identity Provider.
  • SAML encrypted responses are not supported. SAML encryption should be disabled in the Identity Provider.

We own a SonarQube enterprise version, Version 6.7.4 (build 38452) - LGPL v3 - Community. We would like to integrate a single sign-on feature for the SonarQube instance to provide a seamless login experience for the user. Could you please help provide information on setting up single sign-on for the SonarQube instance?

Thanks
Yatheesh
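
A check for the two limitations quoted in post #3, as an added example that is not part of the thread or the plugin's own code: it inspects a base64-encoded SAML message (HTTP-POST binding is assumed) and reports whether a Response carries encrypted elements the plugin cannot read, and whether an AuthnRequest is unsigned. The function names, finding labels and sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
ENCRYPTED = ("EncryptedAssertion", "EncryptedID", "EncryptedAttribute")


def plugin_findings(b64_message):
    """Hypothetical helper: list what conflicts with the plugin's limitations."""
    xml_text = base64.b64decode(b64_message, validate=True).decode("utf-8")
    # SAML messages never need a DTD; refuse one rather than expand entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in SAML message")
    root = ET.fromstring(xml_text)
    findings = []
    if root.tag == "{%s}Response" % NS["samlp"]:
        # Limitation 2: encrypted responses are not supported by the plugin.
        for name in ENCRYPTED:
            if root.find(".//saml:%s" % name, NS) is not None:
                findings.append("response-uses-" + name)
    elif root.tag == "{%s}AuthnRequest" % NS["samlp"]:
        # Limitation 1: the plugin sends unsigned requests, so the IdP
        # must not require a client signature.
        if root.find("ds:Signature", NS) is None:
            findings.append("request-unsigned")
    else:
        raise ValueError("not a SAML Response or AuthnRequest")
    return findings


def encode_message(xml_text):
    return base64.b64encode(xml_text.encode("utf-8")).decode("ascii")


# Constructed sample messages (not captured from a real IdP or SonarQube).
XMLNS = 'xmlns:samlp="%s" xmlns:saml="%s"' % (NS["samlp"], NS["saml"])
PLAIN_RESPONSE = encode_message(
    "<samlp:Response %s><saml:Assertion><saml:Subject>"
    "<saml:NameID>user@example.test</saml:NameID>"
    "</saml:Subject></saml:Assertion></samlp:Response>" % XMLNS)
ENCRYPTED_RESPONSE = encode_message(
    "<samlp:Response %s><saml:EncryptedAssertion/></samlp:Response>" % XMLNS)
UNSIGNED_REQUEST = encode_message('<samlp:AuthnRequest %s ID="_constructed"/>' % XMLNS)

if __name__ == "__main__":
    for label in ("PLAIN_RESPONSE", "ENCRYPTED_RESPONSE", "UNSIGNED_REQUEST"):
        print(label, plugin_findings(globals()[label]))
```

With the HTTP-Redirect binding a request signature travels in the query string rather than in the XML, so this check only applies to messages sent as form posts.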


(Yatheesh) #4

Can you please respond to the above-posted question?


(Wouter Admiraal) #5

Hi Yatheesh,

The documentation provides a detailed step-by-step guide for setting up SonarQube as a SAML SP: https://docs.sonarqube.org/display/PLUG/SAML+Authentication+Plugin#SAMLAuthenticationPlugin-ExampleofconfigurationusingKeycloakasaSAMLIdentityProvider

Depending on your SAML IdP software, the steps might be slightly different, but overall, it will be very similar.