Errot在将Sonarqube与LDAP集成时

时间:2017-03-15 20:02:30

标签: ldap continuous-integration sonarqube devops

sonar.security.realm=LDAP
ldap.url=ldap://ldap-company.com
ldap.bindDn=CN=xxxxx,OU=Restricted,OU=xxxx,DC=company,DC=com
ldap.bindPassword=none

# User Configuration
ldap.user.baseDn=ou=Users,dc=mycompany,dc=com
ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail


# Group Configuration
ldap.group.baseDn=OU=Groups,OU=companyname,DC=comapany,DC=com
ldap.group.request=(&(objectClass=posixGroup)(memberUid={uid}))

这些是我的配置---- sonarqube version-6.2 数据库嵌入式

你们有任何想法如何将LDAP与Sonarqube集成。我尝试了不同的方法,但无法成功。这是我对sonar.properties的配置

我收到了错误2017.03.15 15:57:25 ERROR web[AVrTij8L9uoXNT8qAAAK][o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.plugins.ldap.LdapException: Unable to retrieve details for user xxx in <default>以及Caused by: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a successful bind must be completed on the connection., dat

2017.03.15 15:55:05 INFO web[][o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000 2017.03.15 15:55:49 ERROR web[AVrTij8L9uoXNT8qAAAJ][o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.plugins.ldap.LdapException: Unable to retrieve details for user xxxxx in <default> at org.sonar.plugins.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:84) at org.sonar.plugins.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:58) at org.sonar.server.authentication.RealmAuthenticator.doAuthenticate(RealmAuthenticator.java:89) at org.sonar.server.authentication.RealmAuthenticator.authenticate(RealmAuthenticator.java:83) at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:56) at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:45) at org.sonar.server.authentication.ws.LoginAction.authenticate(LoginAction.java:91)

这是我的web.log

2017.03.16 13:10:09 INFO  web[][o.s.s.p.UpdateCenterClient] Update center: https://update.sonarsource.org/update-center.properties (no proxy)
2017.03.16 13:10:09 INFO  web[][org.sonar.INFO] Security realm: LDAP
2017.03.16 13:10:09 INFO  web[][o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=DC=company,DC=com, request=(&(objectClass=inetOrgPerson)(uid={0})), realNameAttribute=cn, emailAttribut
e=mail}
2017.03.16 13:10:09 INFO  web[][o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=OU=Groups,OU=comapny,Dc=company,DC=com, idAttribute=cn, requiredUserAttributes=[uid], request=(&(objectC
lass=posixGroup)(memberUid={0}))}
2017.03.16 13:10:09 INFO  web[][o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2017.03.16 13:10:09 INFO  web[][o.s.s.p.d.EmbeddedDatabase] Embedded database stopped
2017.03.16 13:10:09 ERROR web[][o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.web.PlatformServletContextListener
org.sonar.plugins.ldap.LdapException: Unable to open LDAP connection
        at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:206)
        at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:63)
        at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110)​

1 个答案:

答案 0 :(得分:1)

你的绑定失败了。您需要使用外部LDAP工具(如Apache Directory Studio工具或Softerra的LDAP浏览器)进行测试。

从服务器到LDAP服务器可能是防火墙问题。可能是密码不正确。看起来您的Sonar服务器能够与LDAP服务器(看起来像Active Directory)通信,因为您在搜索之前收到有关需要绑定的AD样式错误消息。

如果你可以在绑定失败时得到错误,它将返回一个错误代码49,其中包含一个感兴趣的子代码。 525,52e,777或类似的,指的是Active Directory不允许您连接的不同原因。

注意:您的密码为“无”,如果您试图隐藏密码或实际的文字密码,则很难判断。