Wir versuchen, LDAP Plugin 2.0 mit SonarQube 6.0 zu konfigurieren und Probleme mit der Authentifizierung zu bekommen. Hier sind die Einträge in sonar.propertiessonarqube 6.0 ldap plugin 2.0 kann keine Details für externe Benutzer abrufen
# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
sonar.security.savePassword=false
ldap.url=ldap://my-ldap:3268/
ldap.baseDn=cn=user,dc=is-bg,dc=net
ldap.bindPassword=my-pass
# User Configuration
ldap.user.baseDn=cn=user,dc=is-bg,dc=net
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
Datei Wenn Server startet Protokolldatei gut aussieht (hier ein paar Zeilen - nicht alle Protokollebene ist DEBUG)
2016.10.10 14:02:52 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin LDAP/2.0/2910f3981167a70a201ccfae01471dfd26c794b7
2016.10.10 14:02:52 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin SVN/1.3/aff503d48bc77b07c2b62abf93249d0a20bd355c
2016.10.10 14:02:52 DEBUG web[o.s.c.p.PluginLoader] API compatibility mode is enabled on plugin C# [csharp] (built with API lower than 5.2)
2016.10.10 14:02:52 DEBUG web[o.s.c.p.PluginLoader] API compatibility mode is enabled on plugin Git [scmgit] (built with API lower than 5.2)
2016.10.10 14:02:53 DEBUG web[o.s.c.p.PluginLoader] API compatibility mode is enabled on plugin SVN [scmsvn] (built with API lower than 5.2)
2016.10.10 14:02:53 INFO web[o.s.d.c.MysqlCharsetHandler] Verify that database collation is case-sensitive
2016.10.10 14:02:53 INFO web[o.s.s.p.RailsAppsDeployer] Deploying Ruby on Rails applications
2016.10.10 14:02:53 INFO web[o.s.s.p.RailsAppsDeployer] Deploying app: ldap
2016.10.10 14:02:53 DEBUG web[o.s.c.i.DefaultI18n] Loaded 2384 properties from l10n bundles
2016.10.10 14:02:53 DEBUG web[o.s.s.s.ServerMetadataPersister] Persisting server metadata
2016.10.10 14:02:54 INFO web[o.s.s.p.UpdateCenterClient] Update center: http://update.sonarsource.org/update-center.properties (no proxy)
2016.10.10 14:02:54 DEBUG web[o.s.a.r.Languages] Available languages:
2016.10.10 14:02:54 DEBUG web[o.s.a.r.Languages] * C# => "cs"
2016.10.10 14:02:54 DEBUG web[o.s.a.r.Languages] * Java => "java"
2016.10.10 14:02:54 DEBUG web[o.s.a.r.Languages] * JavaScript => "js"
2016.10.10 14:02:54 INFO web[org.sonar.INFO] Security realm: LDAP
2016.10.10 14:02:54 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=USER,dc=domain,dc=net, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2016.10.10 14:02:54 INFO web[o.s.p.l.LdapSettingsManager] Groups will not be synchronized, because property 'ldap.group.baseDn' is empty.
2016.10.10 14:02:54 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://my-ldap:3268/, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.referral=follow}
2016.10.10 14:02:54 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection on ldap://my-ldap:3268/: OK
2016.10.10 14:02:54 INFO web[org.sonar.INFO] Security realm started
Wenn ich versuche, mit zu authentifizieren einige Benutzer von LDAP bekomme ich diesen Fehler:
2016.10.10 14:03:12 INFO ce[o.s.ce.app.CeServer] Compute Engine is up
2016.10.10 14:03:12 INFO app[o.s.p.m.Monitor] Process[ce] is up
2016.10.10 14:06:16 DEBUG web[o.s.p.l.LdapUsersProvider] Requesting details for user MY-USER
2016.10.10 14:06:16 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=cn=USER,dc=domain,dc=net, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[MY-USER], attributes=[mail, cn]}
2016.10.10 14:06:16 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://my-ldap:3268/, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.referral=follow}
2016.10.10 14:06:16 DEBUG web[o.s.p.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 ]
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 ]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source) ~[na:1.8.0_91]
at javax.naming.directory.InitialDirContext.search(Unknown Source) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapSearch.find(LdapSearch.java:130) ~[na:na]
at org.sonar.plugins.ldap.LdapSearch.findUnique(LdapSearch.java:143) ~[na:na]
at org.sonar.plugins.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:77) ~[na:na]
at org.sonar.api.security.ExternalUsersProvider.doGetUserDetails(ExternalUsersProvider.java:54) [sonar-plugin-api-6.0.jar:na]
at org.sonar.server.authentication.RealmAuthenticator.doAuthenticate(RealmAuthenticator.java:89) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.RealmAuthenticator.authenticate(RealmAuthenticator.java:83) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:56) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:45) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.ws.LoginAction.authenticate(LoginAction.java:91) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.ws.LoginAction.doFilter(LoginAction.java:76) [sonar-server-6.0.jar:na]
at org.sonar.server.platform.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:125) [sonar-server-6.0.jar:na]
at org.sonar.server.platform.MasterServletFilter.doFilter(MasterServletFilter.java:94) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:56) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.platform.RoutesFilter.doFilter(RoutesFilter.java:55) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.platform.ProfilingFilter.doFilter(ProfilingFilter.java:84) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.32.jar:8.0.32]
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:191) [logback-access-1.1.3.jar:na]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_91]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_91]
2016.10.10 14:06:16 DEBUG web[o.s.p.l.LdapUsersProvider] User MY-USER not found in <default>
2016.10.10 14:06:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication
org.sonar.api.utils.SonarException: Unable to retrieve details for user MY-USER in <default>
at org.sonar.plugins.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:81) ~[na:na]
at org.sonar.api.security.ExternalUsersProvider.doGetUserDetails(ExternalUsersProvider.java:54) ~[sonar-plugin-api-6.0.jar:na]
at org.sonar.server.authentication.RealmAuthenticator.doAuthenticate(RealmAuthenticator.java:89) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.RealmAuthenticator.authenticate(RealmAuthenticator.java:83) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:56) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.CredentialsAuthenticator.authenticate(CredentialsAuthenticator.java:45) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.ws.LoginAction.authenticate(LoginAction.java:91) [sonar-server-6.0.jar:na]
at org.sonar.server.authentication.ws.LoginAction.doFilter(LoginAction.java:76) [sonar-server-6.0.jar:na]
at org.sonar.server.platform.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:125) [sonar-server-6.0.jar:na]
at org.sonar.server.platform.MasterServletFilter.doFilter(MasterServletFilter.java:94) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:56) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.platform.RoutesFilter.doFilter(RoutesFilter.java:55) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.sonar.server.platform.ProfilingFilter.doFilter(ProfilingFilter.java:84) [sonar-server-6.0.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.32.jar:8.0.32]
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:191) [logback-access-1.1.3.jar:na]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_91]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_91]
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090752, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 ]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source) ~[na:1.8.0_91]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source) ~[na:1.8.0_91]
at javax.naming.directory.InitialDirContext.search(Unknown Source) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapSearch.find(LdapSearch.java:130) ~[na:na]
at org.sonar.plugins.ldap.LdapSearch.findUnique(LdapSearch.java:143) ~[na:na]
at org.sonar.plugins.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:77) ~[na:na]
... 35 common frames omitted
Ich kann dieses Problem nicht lösen.