7

Authentication for Sonar (3.5.1) with LDAP plugin (1.3-SNAPSHOT) is working fine. But the authorization for projects is not working with groups. From the Admin user i am able to map the LDAP user to a group created in Sonar UI. But everytime the user tries to login to Sonar, the users already mapped to a group gets deleted from the group.

Has anyone faced the same issue already? is that a problem with ldap version? or do i need to make configuration changes?

Murthy
  • 313
  • 1
  • 4
  • 17
  • I noticed that Sonar will remove users from any Sonar group, where there is no matching group membership in LDAP. I suggest that your issue might be a naming mismatch. Check that the group names are exactly alike. – Mark O'Connor Jun 13 '13 at 20:18
  • Hi Mark, I have tried creating a group in Sonar which contains the same name as in LDAP. but it does not synchronize with that group. Again i see that the authenticated LDAP user gets deleted from the Sonar groups. even i could not add the user with the sonar-users or sonar-administrators group ... Please help me in resolving this issue ... Thanks in advance.. – Murthy Jun 14 '13 at 06:25
  • First, you should use a non-SNAPSHOT version: 1.2.1. It is likely that the group mapping is not properly configured. See http://docs.codehaus.org/display/SONAR/LDAP+Plugin#LDAPPlugin-GroupMapping – David RACODON - QA Consultant Jun 17 '13 at 08:29
  • Thanks for your suggestion David. The LDAP plugin version 1.2.1 provided by sonar is not working. I could not connect to my LDAP when i use this plugin(1.2.1) whereas i am able to connect to my LDAP when use this SNAPSHOT plugin version 1.3. when will be the stable plugin to be released for sonar LDAP plugin version 1.3 ?? – Murthy Jun 18 '13 at 04:29
  • Any updates would be greatful.... Thanks in advance... – Murthy Jun 18 '13 at 04:39

1 Answers1

3

It is working fine now. Thanks for your Knowledge sharing. I am able to authenticate and authorize Sonar 3.5.1 using the username from the LDAP groups. Steps : Needed to create the group name in SONAR 3.5.1 which is the same group name or DL name in LDAP.
e.g CHENNAI-GROUP is the DL name/group name available in LDAP. You should create CHENNAI-GROUP as a group name in Sonar too and map the created group name in Sonar to any project available in Sonar. So after the next login to Sonar , any username under CHENNAI-GROUP in LDAP will be newly added to the group created in Sonar too and the mapped projects will be accessible to the username Make sure the LDAP CN names and OU names to be in correct order. Please add the following lines as below. Do not add anything more than this. Remove anything if you have added already. Append the following lines in %SONAR_HOME%/conf/sonar.properties

**

# 
# LDAP configuration
sonar.security.realm: LDAP
#sonar.authenticator.createUsers: true
ldap.url: ldap://******:389
ldap.user.baseDn: OU=<USERS>,OU=<Users>,OU=chennai,DC=<orgDC>,DC=CORP,DC=<org>,DC=IN
ldap.bindDn: <username>@<orgDC>.CORP.<org>.IN
ldap.bindPassword: ******
ldap.user.request: (&(objectClass=User)(sAMAccountName={login}))
ldap.group.baseDn: OU=DL,OU=<GROUPNAME>,DC=<orgDC>,DC=CORP,DC=org,DC=IN
ldap.group.request: (&(objectClass=group)(member={dn}))
ldap.group.idAttribute=cn
################################

**

#
Murthy
  • 313
  • 1
  • 4
  • 17