- versions used (SonarQube, Scanner, Plugin, and any relevant extension) : 8.9.3
Authentication and authorization is working fine with LDAP. We have group in AD named sonar-admins and same group in Sonarqube.When users login via ldap, sonar-admins gets assigned to users and authorizaiton works fine.
Now, we have setup headers based single sign-on in SonarQube. When same user belonging to sonar-admins group logs in to Sonarqube, his permissions are reset and user is signed in belonging to sonar-users group. After this when same user signs in authenticating via ldap ( without SSO ), user is assigned 2 goups in Sonarqube automatically :: sonar-users and sonar-admins. After this SSO authentication and authorization works fine.
Can you please help me get around the issue? Sonarqube is taking SSO users as a new user assigned then sonar-users group (which is default for new users) rather than mapping them against already present authorization.