Sonar Community

Unable to authenticate using LDAP with SonarQube 10.6.0.92116

SonarQube Server / Community Build

brandon (brandon) November 7, 2024, 6:33pm 1

Sonarqube won’t connect to LDAP within our environment. We have configured the config file based on the documentation as it is presented below.

We are using: SonarQube 10.6.0.92116
Zip version.

Also in the logs we are only seeing:
INFO o.s.p.l.LdapContextFactory Test LDAP connection: OK

We are not seeing the event of:
INFO org.sonar.INFO Security realm: LDAP …
Not sure if that is indication of anything.

General Configuration

sonar.security.realm=LDAP

ldap.url=ldap://xxx.xxx.xxx

ldap.bindDn=CN=SVC SonarQube,OU=Service Accounts,OU=SonarQube,OU=IT Security,OU=Enterprise Services,DC=Org,DC=ad,DC=local

ldap.bindPassword=xxxxxxxxx

ldap.StartTLS=true

User Configuration

ldap.user.baseDn=DC= Org,DC=ad,DC=local

ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))

ldap.user.realNameAttribute=cn

ldap.user.emailAttribute=mail

Group Configuration

ldap.group.baseDn=OU=groups,OU=SonarQube,OU=IT Security,OU=Enterprise Services,DC=Org,DC=ad,DC=local

ldap.group.request=(&(objectClass=group)(member={dn}))

ldap.group.idAttribute=sAMAccountName

Colin (Colin) November 8, 2024, 5:11pm 2

Hey there.

What log messages do you receive when a user tries to login? You can bump up the log level in global Administration > System > Log Level (these messages should appear at DEBUG)

brandon (brandon) November 19, 2024, 8:34pm 3

@Colin, First-off thanks for taking the time to comment. Sorry for the delayed response. The logs are bumped up. There is nothing that specifically sticks out to us. Is there anything specific we should be looking for?

Colin (Colin) November 25, 2024, 3:11pm 4

Normally you would see some message like this when the user attempts to login.

2019.12.10 14:33:21 DEBUG web[AW7v2dtC1TkW09XXAAF0][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:7d51:23e6:bd8f:3644%2|195.145.101.4][login|]

Are you seeing any logs when the user attempts to login?

brandon (brandon) December 12, 2024, 8:39pm 5

Yes we are seeing logs like that:

2024.12.12 14:18:06 DEBUG web[882d324c][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|10.xx.x.xxx|][login|]

Colin (Colin) December 16, 2024, 1:53pm 6

Thanks Brandon.

Your original report is quite telling that something weird is going on here.

Could you share your system information? This might reveal some odd settings. You can download it at the global Administration > System > Download System Info