The first question that should be answered when setting the security strategy in SonarQube is: Can anonymous users browse the SonarQube instance or must authentication be required? To To force user authentication, log in as a System administrator and go to Settings > General Settings > Security and set the
sonar.forceAuthentication property to the Force user authentication property to
true. To allow users to sign up for a SonarQube account, set the
sonar.allowUsersToSignUp Allow users to sign up property to
Creating a User
A user is a set of basic information: login, password, name and email.
To create a new user, go to Setting > Users > Add new user:
Any user can change his own password. To do soTo change your password, log in and go to My_Name > My Profile:
When the LDAP plugin is installed and activated, it is no longer possible for users to change their password. Then, only system administrators can do so through Settings > Users > Change password. Note that this password is only used when the LDAP server is not reachable and the authentication mechanism fall back to the SonarQube built-in mechanism.
When installing SonarQube, a default user with administration privileges Administer System permission is created automatically:
- Login: admin
- Password: admin
lost the admin password
In case you lost the
admin password of your SonarQube instance, you can reset it by executing the following query: