LDAP Plugin

Name	Sonar LDAP Plugin
Authors	Evgeny Mandrikov
Homepage	http://code.google.com/p/sonar-identity/
Jira	http://jira.codehaus.org/browse/SONARPLUGINS/component/14293
Latest version	0.1-SNAPSHOT
License	LGPL v3
Sources	TBA
Download	http://code.google.com/p/sonar-identity/

Compatibility matrix

Plugin	0.1-SNAPSHOT
Sonar	1.12+

	Apache DS	OpenLDAP	OpenDS	Active Directory
simple	tested	tested	tested
bind	tested	tested	tested	tested
LDAPS	tested	tested
Digest-MD5	tested		tested
CRAM-MD5	tested		tested
GSSAPI (SONARPLUGINS-300)	tested	–	–	–

Description / Features

The Sonar LDAP Plugin enables the delegation of Sonar authentication to an external system. The plugin currently supports LDAP (tested - OpenLDAP, ApacheDS) and Microsoft Active Directory (not tested).

Only password-checking is done against the external system. Authorization (access control) is still fully managed in Sonar. That’s why LDAP or Active Directory users do not automatically have access to Sonar. A Sonar account must be created first for each new user wishing to use Sonar. The Sonar administrator should also assign the user to the desired groups in order to grant him necessary rights. If exists, the password in the Sonar account will be ignored as the external system password will override it.

Usage & Installation

Place the jar into the /extensions/plugins directory
Make sure that at least one user with global administration role exists in Sonar as well as in the external system
Configure conf/sonar.properties by adding and editing the following:
conf/sonar.properties

Restart the Sonar server and check the log file for:

INFO org.sonar.INFO Authentication plugin: class com.teklabs.sonar.plugins.ldap.LdapAuthenticator
INFO org.sonar.INFO Authentication plugin started

Log in to Sonar

Troubleshooting

You can enable debug logging by adding the following to conf/logback.xml:

conf/logback.xml