We are using Sonarqube DE 8.1.
Currently we are using LDAP authentication, and it is working fine.
The only issue I have is that a new user is automatically have access to Sonarqube, without ‘granted’ rights explicitly.
We have 3 user groups:
- normal users
- quality gate admins: those who can administer/change quality profiles/gates
- system admins: those who can administer the system
I am considering to switch to Crowd based authentication, but I am not sure what would this mean for the existing users.
As far as I can see (checking the Postgresql DB), there are user accounts in the Sonarqube database. These are probably mapped to users in LDAP.
If we move to Crowd based auth
what will happen to the existing users in the sonarqube database?
Are those updated, or those will be ignored and new entries will be created?
Would a new user be able to login to Sonarqube, if in Crowed he is a member of the dedicated ‘sonar-user’ group? This is the whole purpose and advantage of Crows: central location of user administration for multiple applications.
How should my 3 user group look like? Should those be also created in Crowd? Where could I assign the necessary rights to these groups? If Crowd connection is proper, those groups in Crowd that are assigned to Sonarqube will be listed in the group administration page of Sonarqube?
I tried to gather information on this topic, but it seems that to Crowd plugin is not maintained by Sonarqube itself, so the documentation of the plugin is really bare minimum. And it only covers how to setup the Sonarqube server to talk to Crowd, and mentioned nothing about users and groups.