This is an archived version of the documentation for SonarQube version 7.3.
See Documentation for current functionality
- Anonymous Used when only read-only access to non-protected entries and attributes is needed when binding to the LDAP server.
- Simple Simple authentication is not recommended for production deployments not using the ldaps secure protocol since it sends a cleartext password over the network.
- CRAM-MD5 The Challenge-Response Authentication Method (CRAM) based on the HMAC-MD5 MAC algorithm (RFC 2195).
- DIGEST-MD5 This is an improvement on the CRAM-MD5 authentication method (RFC 2831).
- GSSAPI GSS-API is Generic Security Service API (RFC 2744). One of the most popular security services available for GSS-API is the Kerberos v5, used in Microsoft's Windows 2000 platform.
To configure multiple servers:
Authentication will be tried on each server, in the order they are listed in the configurations, until one succeeds. User/Group mapping will be performed against the first server on which the user is found.
Note that all the LDAP servers must be available while (re)starting the SonarQube server.
Detailed connection logs (and potential error codes received from LDAP server) are printed within SonarQube logs, in DEBUG mode.
Time out when running SonarQube analysis using LDAP
Java parameters are documented here: http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html . Such parameters can be set in sonar.web.javaAdditionalOpts (sonar.properties).