Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


This plugin enables the delegation of SonarQube TM authentication to an external system. The plugin currently supports Atlassian Crowd.

Only password-checking is done against the external system. Authorization (access control) is still fully managed in SonarQubeTM. That’s why Crowd users do not automatically have access to SonarQubeTM. A SonarQube TM account must be created first for each new user wishing to use SonarQubeTM. The System administrator should also assign the user to the desired groups in order to grant him necessary rights. If exists, the password in the SonarQube TM account will be ignored as the external system password will override it.


  1. Install the plugin through the Update Center or download it into the SONARQUBE_HOME/extensions/plugins directory
  2. Restart the SonarQube TM server


  1. Make sure that at least one user with System administration role exists in SonarQube TM as well as in the external system
  2. Update the SONARQUBE_HOME/conf/ file by adding the following lines:

    Code Block
    # Activates the plugin. Leave blank or comment out to use default SonarQube authentication.
    sonar.authenticator.class: org.sonar.plugins.crowd.CrowdAuthenticator
    # Ignore failure at startup if the connection to external system is refused.
    # Users can browse SonarQube but not log in as long as the connection fails.
    # When set to true, SonarQube will not start if connection to external system fails.
    # Default is false.
    #sonar.authenticator.ignoreStartupFailure: true
    # Automatically create users.
    # When set to true, user will be created after successful authentication, if doesn't exists.
    # The default group affected to new users can be defined online, in SonarQube general settings. The default value is "sonar-users".
    # Default is false.
    #sonar.authenticator.createUsers: true
    # URL of the Crowd server (usually ends with /services/).
    # Crowd application name.
    # Default is 'sonar'.
    # Crowd application password.
  3. Restart the SonarQubeTM server SonarQubeserver and check the log file for:

    No Format
    INFO  org.sonar.INFO  Authentication plugin: class org.sonar.plugins.crowd.CrowdAuthenticator
    INFO  org.sonar.INFO  Authentication plugin started
  4. Log in to SonarQubeTM


You can enable debug logging by adding the following to conf/logback.xml: