启用LDAP时SonarQube令牌访问 [英] SonarQube token access when LDAP is enabled

问题描述

只需安装一台全新的SonarQube 6.7.1 服务器，并将其配置为通过LDAP插件( 2.2 build 608 )对用户进行身份验证.到目前为止一切顺利.

Just stood up a brand new SonarQube 6.7.1 server and configured it to authenticate users via the LDAP plugin (2.2 build 608). So far so good.

但是，当用户尝试使用带有令牌的maven运行命令行扫描时:

However, when users trying to run a command line scan using maven with a token:

mvn sonar:sonar -Dsonar.login=438fd33be6d6e5c9146c674717fea4675f0eb

...他们得到以下错误:

...they get the following error:

Not authorized. Please check the properties sonar.login and sonar.password.

Sonar日志显示:

The Sonar logs are showing:

2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][o.s.p.l.LdapUsersProvider] User 438fd33be6d6e5c9146c674717fea4675f0eb not found in <default> 2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][auth.event] login failure [cause|No user details][method|BASIC][provider|REALM|LDAP]

2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][o.s.p.l.LdapUsersProvider] User 438fd33be6d6e5c9146c674717fea4675f0eb not found in <default> 2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][auth.event] login failure [cause|No user details][method|BASIC][provider|REALM|LDAP]

这使Sonar的LDAP插件看起来像试图在LDAP上查找用户，该用户的名称将是访问令牌.显然，这是行不通的！

This makes it look like Sonar's LDAP plugin is attempting to look up a user on LDAP whose name would be the access token. Clearly this isn't going to work!

我们正在使用声纳Maven插件版本 3.4.0.905 .

We are using sonar maven plugin version 3.4.0.905.

IntelliJ SonarLint使用相同的令牌.这似乎表明Maven插件在这里有问题.

推荐答案

感谢@agabrys提供提示.

Thanks to @agabrys for the tip.

运行此Maven命令:

Running this Maven command:

mvn clean verify help:evaluate -Dexpression="sonar.password" -Dsonar.login=438fd33be6d6e5c9146c674717fea4675f0eb

返回:

admin

为了接受令牌，密码必须为空.必须是设置该默认密码的Maven声纳插件！！通过以下方式将默认密码设置为空:

In order to accept the token, then password must be empty. It must be the Maven sonar plugin that is setting this default password!! Setting the default password to empty via this:

mvn clean verify sonar:sonar -Dsonar.password= -Dsonar.login=438fd33be6d6e5c9146c674717fea4675f0eb 

工作.

这篇关于启用LDAP时SonarQube令牌访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！