Enable LDAP authentication on a dockerized SonarQube

Scenario:

We’ve got a SonarQube running inside a docker container. In order to enable LDAP authentication (https://docs.sonarqube.org/latest/instance-administration/delegated-auth/) I’ve created a sonar.properties file in $SONARQUBE-HOME$/conf/ path (to consider: docker volume … persistent data … choose the right path). Easy way? Copy & paste a default properties file, you can get one from here: https://github.com/SonarSource/sonarqube/blob/master/sonar-application/src/main/assembly/conf/sonar.properties, and edit with your own LDAP config:

After editing sonar.properties (LDAP part only), a best practice is restart SonarQube through command-line instead of application GUI (“Administration” > “Server” > “Restart Server”):

docker restart sonarqube-sec_sonarqube_1

First attempt … it’s not working (not a surprise). Checking sonarqube’s docker logs we only be able to see a 401 (NOT AUTHORIZED) message and not much more … OK. Let’s increase debug level, adding this to our sonar.properties file:

wrapper.console.loglevel=DEBUG

At the end, we can solve it (sincerely, after too many attempts) with “reverse thinking”. Going to our Active Directory, choosing one user (make some trial and error with him) and setting (in a right way) ldap.user.baseDn. And that’s all.

Seguir leyendo