Versions Compared

Old Version 71

changes.mady.by.user Simon Brandhof

Saved on

compared with

New Version Current

changes.mady.by.user David RACODON

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Secure a Sonar instance by forcing login prior to access to any page
  • Make a given project non accessible to anonymous
  • Allow access to source code (Code Viewer) to a given set of users
  • Restrict access to a project to a given group of users
  • Define who can administer a project (setting exclusion patterns, tunning tuning plugins configuration for that project, …)
  • Define who can administer a Sonar instance

...

Enter the old password, the new one and confirm it:

Note
titleLDAP plugin

When the LDAP plugin is installed and activated, it is no longer possible for users to change their password. Then, only system administrators can do so through Settings > Security > Users.

 

Authorization

The way authorization is implemented in Sonar is pretty standard. It is possible to create as many users and groups of users as required in the system. The users can then be attached (or not) to (multiple) groups. Groups and / or users are then given (multiple) roles. The roles grant access to projects, services and functionalities in Sonar.

...

  • Anyone is a group that exists in the system, but that cannot be managed. Every user belongs to this group.
  • sonar-users is the group to which users are automatically added. This group can be changed through the Security Global Settings. See Global Security Settings, property sonar.defaultGroup for more information.

...

  1. Anchor
    defaultUserGroup
    Default user group: any new user created will automatically join this group.
  2. Anchor
    forceUserAuthentication
    Force user authentication: this is really the first question that should be answered when setting the security strategy in Sonar. Can anybody browse the Sonar instance or do you need to be authenticated?
  3. Allow users to sign up online: this means that anybody can access a form to create himself an account in the system. Note that after filling up the form, the user should log in.
  4. Anchor
    importSources
    Import sources: if set to false, source code will not be accessible for any user, to restrict access to source code for some users only, see Code viewers role.

Delegation to an External System

...