Using openLDAP with sonarqube 7.4

(Jodi Einsmann) #1

We are trying to pilot Sonarqube in or development environment. I have installed Sonarqube 7.4 on my RHEL 7.2 machine. I configured ldap with the parameters that I have used successfully run other tools. However, I am not able to get sonarqube to authenticate using ldap. I am just triying to get a basic setup working with LDAP. it has been frustrating. Also, there is really no detail in the logs (set to DEBUG mode). Below I have posted the LDAP config of the file. I have attached theweb-log.txt (29.8 KB)
access-log.txt (12.2 KB)
web and access logs. I would love to know what I am doing wrong in this setup. Thanks in advance for all you input.





I am using the defaults


(Colin Mueller) #2


It feels worth asking – are you restarting the SonarQube service after implementing the LDAP configuration in your $SONARQUBE_HOME/conf/ file?

Also, where are you setting the log-level to DEBUG? In the same file?



(Jodi Einsmann) #3


Yes, I am restarting using command line like so ./ restart. Yes on the second question as well. I set the log level DEBUG in the file.

(Jodi Einsmann) #4

So I removed my previous install of sonarqube CE v 7.4 and reinstalled it using the same LDAP configuration. I am still not able to login successfully using LDAP. But I see the following in the web.log. This section of the log suggests to me that the machine is able to connect to the ldap service without issue. Am I correct?

Server ID: BF41A1F2-AWg5plWzZYU7j-yLvCib
2019.01.10 16:46:24 INFO web[org.sonar.INFO] Security realm: LDAP
2019.01.10 16:46:24 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=ou=People,dc=md,dc=hns,dc=net, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2019.01.10 16:46:24 INFO web[o.s.p.l.LdapSettingsManager] Groups will not be synchronized, because property ‘’ is empty.
2019.01.10 16:46:24 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection on ldap:// OK
2019.01.10 16:46:24 INFO web[org.sonar.INFO] Security realm started

(Jodi Einsmann) #5

I think I solved the issue as I am able to now login using ldap credentials. I have posted below what I did so maybe someone else can benefit.

Although connection to ldap server was successful (based on the previous snippet from my web log that I put in the last post) I was still not able to login using ldap. After restarting sonarqube and retrying the login I also see the following in the log.

2019.01.11 08:58:50 DEBUG web[AWg53m+VgzN5R5S4AAA6][o.s.p.l.LdapUsersProvider] Requesting details for user aeinsman
2019.01.11 08:58:50 DEBUG web[AWg53m+VgzN5R5S4AAA6][o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=ou=People,dc=md,dc=hns,dc=net, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[aeinsman], attributes=[mail, cn]}
2019.01.11 08:58:50 DEBUG web[AWg53m+VgzN5R5S4AAA6][o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true,, java.naming.referral=follow}
2019.01.11 08:58:50 DEBUG web[AWg53m+VgzN5R5S4AAA6][o.s.p.l.LdapUsersProvider] User aeinsman not found in
2019.01.11 08:58:50 DEBUG web[AWg53m+VgzN5R5S4AAA6][auth.event] login failure [cause|No user details][method|FORM][provider|REALM|LDAP][IP||][login|aeinsman]

so I read some old posts here and found that someone changed the ldap.user.requests value like so;

#LDAP user request. (default: (&(objectClass=inetOrgPerson)(uid={login})) )

I did the same and I can now login