问题
Authentication for Sonar (3.5.1) with LDAP plugin (1.3-SNAPSHOT) is working fine. But the authorization for projects is not working with groups. From the Admin user i am able to map the LDAP user to a group created in Sonar UI. But everytime the user tries to login to Sonar, the users already mapped to a group gets deleted from the group.
Has anyone faced the same issue already? is that a problem with ldap version? or do i need to make configuration changes?
回答1:
It is working fine now. Thanks for your Knowledge sharing.
I am able to authenticate and authorize Sonar 3.5.1 using the username from the LDAP groups.
Steps :
Needed to create the group name in SONAR 3.5.1 which is the same group name or DL name in LDAP.
e.g CHENNAI-GROUP is the DL name/group name available in LDAP. You should create CHENNAI-GROUP as a group name in Sonar too and map the created group name in Sonar to any project available in Sonar.
So after the next login to Sonar , any username under CHENNAI-GROUP in LDAP will be newly added to the group created in Sonar too and the mapped projects will be accessible to the username
Make sure the LDAP CN names and OU names to be in correct order.
Please add the following lines as below. Do not add anything more than this. Remove anything if you have added already.
Append the following lines in %SONAR_HOME%/conf/sonar.properties
**
## LDAP configuration
sonar.security.realm: LDAP
#sonar.authenticator.createUsers: true
ldap.url: ldap://******:389
ldap.user.baseDn: OU=<USERS>,OU=<Users>,OU=chennai,DC=<orgDC>,DC=CORP,DC=<org>,DC=IN
ldap.bindDn: <username>@<orgDC>.CORP.<org>.IN
ldap.bindPassword: ******
ldap.user.request: (&(objectClass=User)(sAMAccountName={login}))
ldap.group.baseDn: OU=DL,OU=<GROUPNAME>,DC=<orgDC>,DC=CORP,DC=org,DC=IN
ldap.group.request: (&(objectClass=group)(member={dn}))
ldap.group.idAttribute=cn
################################
**
#来源:https://stackoverflow.com/questions/17086192/ldap-authenticated-user-gets-deleted-from-the-group-created-in-sonar-for-every-f