Sonarqube doesn't load my LDAP config

Hi,

I'm using the SonarQube Community Version ( version 9.5 ) on Kubernetes. I added my LDAP configuration to conf/sonar.properties. But I don't see any log in Web.log related to LDAP. Anyone help me, pls?

That is my LDAP config

sonar.security.realm=LDAP
sonar.authenticator.downcase=true

ldap.url=ldap://*.*.*.*:389
ldap.bindDn=admin
ldap.bindPassword=*********
ldap.authentication=simple

# User Configuration
ldap.user.baseDn=ou=People,dc=ldap,dc=skuad,dc=in
ldap.user.realNameAttribute=cn
ldap.user.LastNameAttribute=sn
ldap.user.firstNameAttribute=givenName
ldap.user.emailAttribute=mail
ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))

# Group Configuration
ldap.group.baseDn=ou=Groups,dc=ldap,dc=skuad,dc=in
ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid}))

sonarqube_web.log (79.8 KB)

That’s my Web.log file. problem is that SonarQube doesn’t load my LDAP. I don’t see any log related to LDAP configuration.

Thanks

Hey there.

Where are you putting this configuration?

Hi, conf/sonar.properties file inside the sonarqube pod.

I would suggest giving more details about your values.yaml file you’re using

i don’t edit values.yml. just install helm 'kubectl create namespace sonarqube
helm upgrade --install -n sonarqube sonarqube sonarqube/sonarqube

Okay. Then the values in conf/sonar.properties probably aren’t being taken into account. There are some options to pass configuration (documented in the README), specifically sonarProperties.

hello @Colin , thanks for your reply. When I set LDAP config under sonarProperties, it’s loading my LDAP config. but it’s gettting error. this is my config. Can you help me to work?

sonarProperties:
  sonar.security.realm: LDAP
  sonar.authenticator.downcase: true

  ldap.url: ldap://34.****:389
  ldap.bindDn: admin
  ldap.bindPassword: ******
  ldap.user.baseDn: ou=People,dc=ldap,dc=skuad,dc=in
  ldap.group.baseDn: ou=Groups,dc=ldap,dc=skuad,dc=in

here are some logs from sonarqube container pod

2022.10.17 18:37:08 INFO  web[][o.s.a.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=ou=People,dc=ldap,dc=skuad,dc=in, request=(&(objectClass=inetOrgPerson)(uid={0})), realNameAttribute=cn, emailAttribute=mail}
2022.10.17 18:37:08 INFO  web[][o.s.a.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Groups,dc=ldap,dc=skuad,dc=in, idAttribute=cn, requiredUserAttributes=[dn], request=(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))}
2022.10.17 18:37:08 INFO  web[][o.s.a.l.LdapContextFactory] Test LDAP connection: FAIL
2022.10.17 18:37:08 WARN  web[][o.s.c.a.AnnotationConfigApplicationContext] Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.ws.WebServiceEngine': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.AuthenticationWs': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.LoginAction': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsAuthentication': Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsExternalAuthentication': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.user.SecurityRealmFactory': Initialization of bean failed; nested exception is org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection
2022.10.17 18:37:08 ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.ws.WebServiceEngine': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.AuthenticationWs': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.LoginAction': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsAuthentication': Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsExternalAuthentication': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.user.SecurityRealmFactory': Initialization of bean failed; nested exception is org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
        at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:953)
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:918)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
        at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
        at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:80)
        at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:647)
        at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:196)
        at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:177)
        at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:105)
        at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:344)
        at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:105)
        at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:328)
        at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.AuthenticationWs': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.LoginAction': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsAuthentication': Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsExternalAuthentication': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.user.SecurityRealmFactory': Initialization of bean failed; nested exception is org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
        at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
        at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.addCandidateEntry(DefaultListableBeanFactory.java:1607)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:1571)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveMultipleBeans(DefaultListableBeanFactory.java:1437)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1347)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1309)
        at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
        ... 22 common frames omitted
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.ws.LoginAction': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsAuthentication': Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.authentication.CredentialsExternalAuthentication': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@5c8da962-org.sonar.server.user.SecurityRealmFactory': Initialization of bean failed; nested exception is org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection

It looks like your LDAP server can’t be connected to from within then pod.

org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection

You should make sure look into whether or not resources like your LDAP server can be accessed from within your pod.

@Colin Hi , LDAP is working but getting SSL handshake error? how can I solve it?

        ... 100 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
        at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1696)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1514)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:456)
        at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:921)
        at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1291)
        at java.base/java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:81)
        at java.base/java.io.BufferedOutputStream.flush(BufferedOutputStream.java:142)
        at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Connection.java:414)
        at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Connection.java:387)
        at java.naming/com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
        at java.naming/com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
        ... 114 common frames omitted
        Suppressed: java.net.SocketException: Broken pipe (Write failed)
                at java.base/java.net.SocketOutputStream.socketWrite0(Native Method)
                at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110)
                at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150)
                at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81)
                at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:389)
                at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:296)
                at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:468)
                ... 122 common frames omitted
Caused by: java.io.EOFException: SSL peer shut down incorrectly
        at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:483)
        at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472)
        at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
        ... 124 common frames omitted