Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{iframe:src=http://update.sonarsource.org/plugins/pam-confluence.html|width=700|height=250|frameborder=0}
Your browser does not support iframes.
{iframe}

...

  1. Install jpam
    1. Download jpam for your system from here
    2. Alternatively:
      1. Copy the jpam's native library following these directions
      2. Copy the jpam's native libray in sonar/bin/<your arch>/lib
  2. Install the plugin through the Update Center or download it into the SONARQUBE_HOME/extensions/plugins directory
  3. Make sure that at least one user with global administration role exists in SonarQube as well as in the external system
  4. Update the SONARQUBE_HOME/conf/sonar.properties file by adding the following lines:

    Code Block
    borderStyledashed
    titlesonar.properties
    sonar.security.realm: PAM
    pam.serviceName=system-auth
    # Automatically create users.
    # When set to true, user will be created after successful authentication, if doesn't exists.
    # The default group affected to new users can be defined online, in SonarQube general settings. The default value is "sonar-users".
    # Default is false.
    sonar.authenticator.createUsers: true
    
  5. Restart SonarQube and check logs for:

    Code Block
    borderStyledashed
    2012.11.24 20:32:34 INFO  org.sonar.INFO  Security realm: PAM
    2012.11.24 20:32:34 INFO  org.sonar.INFO  Security realm started
  6. Log in to SonarQube

Include Page
Include - Technical Users
Include - Technical Users

Known Issues

Crash using PAM winbind authentication (pam_winbind.so)

...

  1. Edit /etc/security/pam_winbind.conf:
  2. Set Kerberos authentication:

    Code Block
    borderStyledashed
    title/etc/security/pam_winbind.conf
    #
    # pam_winbind configuration file
    #
    # /etc/security/pam_winbind.conf
    #
    
    [global]
    
    # turn on debugging
    #debug = yes
    
    # request a cached login if possible
    # (needs "winbind offline logon = yes" in smb.conf)
    cached_login = yes
    
    # authenticate using kerberos
    krb5_auth = yes
    
    # when using kerberos, request a "FILE" krb5 credential cache type
    # (leave empty to just do krb5 authentication but not have a ticket
    # afterwards)
    ;krb5_ccache_type = FILE
    
    # make successful authentication dependend on membership of one SID
    # (can also take a name)
    ;require_membership_of =
    

Change Log

JIRA Issues
anonymoustrue
titleRelease 0.2
renderModestatic
width900
columnstype;key;summary;priority
urlhttp://jira.codehaus.org/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml?fixfor=18999&pid=11911&sorter/field=priority&sorter/order=DESC&tempMax=1000

 

JIRA Issues
anonymoustrue
titleRelease 0.1
renderModestatic
width900
columnstype;key;summary;priority
urlhttp://jira.codehaus.org/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml?fixfor=17263&pid=11911&sorter/field=priority&sorter/order=DESC&tempMax=1000