每次新登录到声纳时，LDAP 身份验证用户都会从声纳中创建的组中删除 [英] LDAP authenticated user gets deleted from the group created in sonar for every fresh login to sonar

问题描述

使用 LDAP 插件 (1.3-SNAPSHOT) 对声纳 (3.5.1) 进行身份验证工作正常.但是项目的授权不与团体合作.从管理员用户，我可以将 LDAP 用户映射到在 Sonar UI 中创建的组.但是每次用户尝试登录 Sonar 时，已经映射到某个组的用户都会从该组中删除.

Authentication for Sonar (3.5.1) with LDAP plugin (1.3-SNAPSHOT) is working fine. But the authorization for projects is not working with groups. From the Admin user i am able to map the LDAP user to a group created in Sonar UI. But everytime the user tries to login to Sonar, the users already mapped to a group gets deleted from the group.

有人遇到过同样的问题吗?这是ldap版本的问题吗?还是我需要进行配置更改?

Has anyone faced the same issue already? is that a problem with ldap version? or do i need to make configuration changes?

推荐答案

现在一切正常.感谢您的知识分享.我能够使用 LDAP 组中的用户名对 Sonar 3.5.1 进行身份验证和授权.脚步 :需要在 SONAR 3.5.1 中创建与 LDAP 中的组名或 DL 名称相同的组名.
例如 CHENNAI-GROUP 是 LDAP 中可用的 DL 名称/组名称.您也应该在 Sonar 中创建 CHENNAI-GROUP 作为组名，并将在 Sonar 中创建的组名映射到 Sonar 中可用的任何项目.因此，下次登录 Sonar 后，LDAP 中 CHENNAI-GROUP 下的任何用户名也将新添加到 Sonar 中创建的组中，并且该用户名可以访问映射的项目确保 LDAP CN 名称和 OU 名称的顺序正确.请添加以下行，如下所示.不要添加除此之外的任何内容.如果您已经添加，请删除任何内容.在 %SONAR_HOME%/conf/sonar.properties 中添加以下行

It is working fine now. Thanks for your Knowledge sharing. I am able to authenticate and authorize Sonar 3.5.1 using the username from the LDAP groups. Steps : Needed to create the group name in SONAR 3.5.1 which is the same group name or DL name in LDAP.
e.g CHENNAI-GROUP is the DL name/group name available in LDAP. You should create CHENNAI-GROUP as a group name in Sonar too and map the created group name in Sonar to any project available in Sonar. So after the next login to Sonar , any username under CHENNAI-GROUP in LDAP will be newly added to the group created in Sonar too and the mapped projects will be accessible to the username Make sure the LDAP CN names and OU names to be in correct order. Please add the following lines as below. Do not add anything more than this. Remove anything if you have added already. Append the following lines in %SONAR_HOME%/conf/sonar.properties

**

# LDAP configuration
sonar.security.realm: LDAP
#sonar.authenticator.createUsers: true
ldap.url: ldap://******:389
ldap.user.baseDn: OU=<USERS>,OU=<Users>,OU=chennai,DC=<orgDC>,DC=CORP,DC=<org>,DC=IN
ldap.bindDn: <username>@<orgDC>.CORP.<org>.IN
ldap.bindPassword: ******
ldap.user.request: (&(objectClass=User)(sAMAccountName={login}))
ldap.group.baseDn: OU=DL,OU=<GROUPNAME>,DC=<orgDC>,DC=CORP,DC=org,DC=IN
ldap.group.request: (&(objectClass=group)(member={dn}))
ldap.group.idAttribute=cn
################################

**

这篇关于每次新登录到声纳时，LDAP 身份验证用户都会从声纳中创建的组中删除的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！